ua-dapamoga24.site Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

URL: https://nv.ua/ukr/allnews.html
Title: Новини

URL: https://nv.ua/ukr/opinion.html
Title: Погляди

URL: https://biz.nv.ua/ukr
Title: Бізнес

URL: https://podcasts.nv.ua/?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасти

URL: https://life.nv.ua/ukr
Title: Life

URL: https://radio.nv.ua/
Title: Радіо

URL: https://nv.ua/ukr/premium.html
Title: NV Преміум

URL: https://nv.ua/ukr/search.html

URL: https://nv.ua/ukr/ukraine/events/dopomoga-vid-oon-2023-roci-hto-otrimaye-2-220-grn-i-yak-podati-zayavku-50334088.html
Title: Укр

URL: https://nv.ua/ukraine/events/pomoshch-ot-oon-2023-godu-kto-poluchit-2-220-grn-i-kak-podat-zayavku-50334088.html
Title: Рус

URL: https://nv.ua/ukr/ukraine/events/dopomoga-vid-oon-2023-roci-hto-otrimaye-2-220-grn-i-yak-podati-zayavku-50334088.html
Title: Войти в личный кабинет

URL: https://nv.ua/ukr/donate
Title: Підтримати

URL: https://nv.ua/ukr/new_landings/variant_1.html
Title: Передплата

URL: https://nv.ua/ukr/ukraine.html
Title: Україна

URL: https://nv.ua/ukr/ukraine/events.html
Title: Події

URL: https://nv.ua/ukr/ukraine/politics.html
Title: Політика

URL: https://nv.ua/ukr/ukraine/events/odnorazova-dopomoga-postrazhdalim-vid-pidrivu-kahovskoji-ges-hto-i-skilki-otrimaye-50333139.html
Title: Одноразова грошова допомога постраждалим від підриву Каховської ГЕС: хто і скільки отримає

URL: https://fakty.com.ua/ua/ukraine/suspilstvo/20230620-vyplaty-vid-oon-hto-z-ukrayincziv-otrymaye-2220-grn-ta-yak-podaty-zayavku/#:~:text=%D0%94%D0%BB%D1%8F%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D0%BD%D0%BD%D1%8F%20%D0%B2%D0%B8%D0%BF%D0%BB%D0%B0%D1%82%20%D0%BD%D0%B5%D0%BE%D0%B1%D1%85%D1%96%D0%B4%D0%BD%D0%BE%20%D0%B7%D0%B2%D0%B5%D1%80%D0%BD%D1%83%D1%82%D0%B8%D1%81%D1%8F,%D0%B9%D0%B4%D0%B5%D1%82%D1%8C%D1%81%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20%D0%A3%D0%92%D0%9A%D0%91%20%D0%9E%D0%9E%D0%9D.
Title: Факти

URL: https://nv.ua/ukr/posilennya-vimog-do-nadannya-socialnih-viplat-komu-urizhut-dopomogu-50330504.html
Title: Посилення вимог до надання соціальних виплат: кому уріжуть допомогу

URL: https://r2p.org.ua/
Title: Право на захист

URL: https://t.me/pravonazahyst
Title: Telegram-каналом

URL: https://biz.nv.ua/ukr/economics/u-kogo-mozhut-vidibrati-subsidiji-u-2023-roci-v-ukrajini-50326153.html
Title: Втрата субсидії. Як зберегти допомогу від держави

URL: https://biz.nv.ua/ukr/experts/socialni-viplati-v-ukrajini-yak-mozhut-zminitisya-viplati-na-ditey-novini-ukrajini-50329870.html
Title: Виплата соціальної допомоги на дітей в Україні. Що може змінитися?

URL: https://nv.ua/ukr/korrespondents/svyatoslav-vasilik.html
Title: Святослав Василик

URL: https://nv.ua/ukr/tags/oon.html
Title: ООН

URL: https://nv.ua/ukr/tags/pereselentsy.html
Title: Переселенці

URL: https://nv.ua/ukr/tags/dokumenty.html
Title: Документи

URL: https://nv.ua/ukr/tags/denezhnaja-pomoshch.html
Title: Грошова допомога

URL: https://nv.ua/ukr/tags/vpl.html
Title: ВПО

URL: https://nv.ua/ukr/sitemap.html
Title: Карта сайту

URL: https://nv.ua/ukr/authors.html
Title: Всі колумністи NV

URL: https://nv.ua/ukr/opinion_authors.html
Title: Всі Лідери думок

URL: https://techno.nv.ua/ukr/techno_bloggers.html
Title: Всі техноблогери

URL: https://biz.nv.ua/ukr/expert_authors.html
Title: Всі експерти NV Бізнес

URL: https://nv.ua/ukr/korrespondents.html
Title: Автори та редактори сайту

URL: https://nv.ua/ukr/page/cookies.html
Title: Про файли cookies

URL: https://nv.ua/ukr/new_landings/variant_1.html?utm_source=site&utm_medium=popup&utm_campaign=psubscription
Title: ПРОДОВЖИТИ ПЕРЕДПЛАТУ

URL: https://nv.ua/ukr/reset_password.html
Title: Забули пароль?

URL: http://hit.ua/?x=26009
Title: Cd=document;Cr="&"+Math.random();Cp="&s=1"; Cd.cookie="b=b";if(Cd.cookie)Cp+="&c=1"; Cp+="&t="+(new Date()).getTimezoneOffset(); if(self!=top)Cp+="&f=1"; if(navigator.javaEnabled())Cp+="&j=1"; if(typeof(screen)!='undefined')Cp+="&w="+screen.width+"&h="+ screen.height+"&d="+(screen.colorDepth?screen.colorDepth:screen.pixelDepth); new Image().src = "//c.hit.ua/hit?i=26009&g=0&x=2"+Cp+Cr+"&r="+escape(Cd.referrer)+"&u="+escape(window.location.href); <img src='//c.hit.ua/hit?i=26009&g=0&x=2' border='0' aria-label="hit.ua"/>

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ua-dapamoga24.site/ HTTP 301
https://ua-dapamoga24.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid=%7Buser_id%7D HTTP 302
https://server.smartytech.io/icm.gif?uid=433054cb-53c0-4327-80f7-cd738253f1e0

Request Chain 78

https://gaua.hit.gemius.pl/_1687952074023/rexdot.js?l=100&sendf=24&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua-dapamoga24.site%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=NzUrhl6R4YHjxCT6Q.WfMxLiI6LhoVtuIKjqwe2FVNP.x7ecZsObox3ep.xdn8jIUCFBbmVg8aVBnEzkNLoTJhyeZMdM/trwLw7wQfraPG/&fpdata=Dw56KzysLxmOLYuTOja__3kFygGy6RFx_9zwxIX78VP.c7&ltime=236&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=649c1ac92ece4fe5&brts=1687952074&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1687952074023/rexdot.js?l=100&sendf=24&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua-dapamoga24.site%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=NzUrhl6R4YHjxCT6Q.WfMxLiI6LhoVtuIKjqwe2FVNP.x7ecZsObox3ep.xdn8jIUCFBbmVg8aVBnEzkNLoTJhyeZMdM/trwLw7wQfraPG/&fpdata=Dw56KzysLxmOLYuTOja__3kFygGy6RFx_9zwxIX78VP.c7&ltime=236&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=649c1ac92ece4fe5&brts=1687952074&fpcap=

Request Chain 124

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 144

https://gum.criteo.com/sid/json?origin=publishertag&domain=ua-dapamoga24.site&sn=ChromeSyncframe&so=0&topUrl=ua-dapamoga24.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=1tP5AHxjd3UwWlZJUitIR0xESFRzRUJDeGpXVSt2TUIrN3FpQTUvMUdIeGdsQUl2eElTdWRuOFRrSVpZSGZ5YlUzdmxTK2VLWE5GT1RFQXh2a2FuOUhmdWpqbzBoY3RPL2c0QWh5eS9yZ3l6U3VTWkRDeVR5U2JkSmNLVDRVUVJYV296RHJFbnlsR0tTQVRweUYzYTByY2w4b3dPaXp6UXRvZG1SbXpyQWlpcHgyRGRrZ1NCNFZ5V2pKRkkwRFdVQ1dMenpGMWFORm5QYTl4NWJudGd5dTFVSmEyOGVESjAvNHZxQmZWaFRQeDhJWlRyVzc3cnhyM05YWjkwOW1ETzNDTitMd3d2UXdDVmQydDY0UkRqb09EemxuUT09fA&cppv=2

Request Chain 153

https://ams3-ib.adnxs.com/vast_track/v2?info=aAAAAAMArgAFAQnLGpxkAAAAABEqzwzzGMpDRRnLGpxkAAAAACDu2czOASgAMKALONpMQK2ugAFI6OjxAlD98J8OWL8MYgJOTGgBcAF4AIABAIgBAJABAJgBAKABAKgB7tnMzgGwAQE.&s=d6c68a36051ef1536e64db5ff7fed698e2223ce3&event_type=1&redir=https%3A%2F%2Fams3-ib.adnxs.com%2Fabdv%3Fro%3D1%26an_audit%3D0%26referrer%3Dhttps%253A%252F%252Fnv.ua%252Fukr%252Fukraine%252Fevents%252Fdopomoga-vid-oon-2023-roci-hto-otrimaye-2-220-grn-i-yak-podati-zayavku-50334088.html%26e%3DwqT_3QKTLOgTFgAAAwDWAAUBCMu18KQGEKqes5iPw_KhRRgAKjYJWTDxR1EHB0ARdUtAhm1n6z8ZAAAAIFyPCkAhdQ0SACkRJNgxAAAAgOtR2D8w_fCfDjjaTECgC0hlUO7ZzM4BWOyYnAFgAGiekL0BeO_0BYABAYoBA1VTRJIBAQbwPJgBAaABAagBAbABALgBA8ABBcgBAtABANgBAOABAPABANgCAOAC6bpK6gJ1aHR0cHM6Ly9udi51YS91a3IBBPRtBmFpbmUvZXZlbnRzL2RvcG9tb2dhLXZpZC1vb24tMjAyMy1yb2NpLWh0by1vdHJpbWF5ZS0yLTIyMC1ncm4taS15YWstcG9kYXRpLXpheWF2a3UtNTAzMzQwODguaHRtbIADAIgDAZADAJgDF6ADAaoDiAcK0QZodHRwczovL2FkeC5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvYWR2aWV3P2FpPUNrQUVTeXhxY1pMUHVMSVdpLWdhN2dwOWcwWnJGcW5HdW1PU1JxaEhvay1uc3R6b1FBU0RtbDlZbFlKR0VvSVdNR01nQkJha0NCd0lWeWJCZXNqNm9Bd0hJQXhPWUJBQ3FCTklCVDlCaVFUV3ZRWERvODFkTjFqWk5iNDhjWkg3eHF6RzNEVmdsYVVZLTFXUktuUWdDd3dzcGVLT1NrcUY0c2Z3NGtLaU9TOHdsMHFSZjd4UXd4RXNiU2dDeThla1ZhR3Y4Y2hNVU9nVGdFdF9FeHZ5c1RSbXFFV3Z5Y3oxSHhfQXdzNFRCdmRaVnZGbUtSVXlDSFlkUHlIMkJreWtlT1ExNXI4WjZBWFZ5VUh5OXUtaEhUUWdtTjBYd2JBR2w4eTNkX0FsRW5GSjNTSnF2UjdvVmhQOGpOa1A0cWpYSWN2QXB4R1ZJdDRfN3hEaFlzc0oyMXVIUG5xbXJMSVAtenpOS05RTXVXaV9KZWtKMHh5c2F5OGlTNGJHNHdBVGVyYU92cXdUZ0JBT0lCZlBZbk1SS2tnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVpPZ0FlMHdjXzdBNmdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY05FTzNZcndFWTFxdWc1Z0VnQk5JSUZnaUE0WUFRRUFFWVh6SUNxZ0k2QW9CQVNMMzl3VHJ5Q0E1aWFXUmtaWEl0TmpBMU9URXhNb0FLQk1nTEFiQVR3cHpzRThnVDBmQzA0Z1BRRXdEWUV3T0lGQVRZRkFIUUZRR0FGd0d5RndnS0JnZ0FFZ0FZQUEmc2lnaD14Z3o3Qi0zMnpQSSZjbWQ9Q2hkallTMXdkV0l0TXpBM05qZzVNREF4TWpjME1UUTJOeEFBR0FFJnVhY2hfbT1bVUFDSF0mY2lkPUNBUVNHd0J5Z1FpRGhWMTNqdUtVbFZER01GbkpEQnFLUE1GUFRkV0dqQmdCJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzQ5OTEwNTUwMjA1NjIzNzAzNDYiCTQzMzI2OTk5OCoHMjMxMzIzMToJNDgyODc0ODM4wAPgqAHIAwDYA6K4VuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUwLjE0MqgEALIEDggAEAEYACAAKAIwADgCuAQAwAQAyAQA2gQCCAHgBADwBO7ZzM4BiAUBmAUAoAXkz7vq0NPdohDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_DPoFBAgAEACQBgGYBgCiBg45ODE4I0FNUzM6NjA4ObgGAMEGAAAAAAAA8D_QBqBO2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGBPIGhwEI1PVjEoABZWhUM1dsb0FBQUFEQUFrQ0JRRUk0dFNCQ2hDVXNjNERHTDZZLUFNZ0J5Z0FRTlRGM2dwSTFjWGVDbER4UTFqSkwzRUFBQUFBQUFBQUFIZ0FnUUVBQUFBQUFBQUFBSWdCQUpBQkFKb0JBZ2dBcUFFQXNRRUFBQUFBQUFBQUFBLi6ABwGIBwCSB4ofPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8-PFZBU1QgeG1sbnM6eHNpPSJodHRwczovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTpub05hbWVzcGFjZVNjaGVtYUxvY2F0aW9uPSJ2YXN0LnhzZCIgdmVyc2lvbj0iMi4wIj48QWQgaWQ9IjQ4Mjg3NDgzOCI-PFdyYXBwZXI-PEFkU3lzdGVtPlhCaWQ8L0FkU3lzdGVtPjxWQVNUQWRUYWdVUkk-PCFbQ0RBVEFbsfgMYmlkLkb4BfBxZGJtL3Zhc3Q_ZGJtX2M9QUtBbWYtQVFkSUswcTVSV0NsangwOWJzU0dPcHdrX1dzODhkaW1aZjVGY3VTd2stUnFjc1NrSzhpdkU2UzQtSS1MOGJqMFJkaUlCa1JCZ0FjZzVjb3FFRV9IaEc2ZVItT2cmAWkAZA1p9EEORDBUc05aVjNKX1kzVDFVcWk1eEdtMHljZ1BTa09Zcnh4enIxWHVNYnoyWGlQZy1KNlRINVduN203aWM3SkRIVWlmQkszVkNHbFpCMnRzZURUN0VuNzhDSERUclBiSnNiU1NkNy1YQUFteHBGS0I2U29qVlBnZm5UX3ozeTVHNUYtdG5NeWs5OEZnMUlOZmFmb0ZtN3lwWDJ5c19LdjBTRWZzejM4RFV5Tk1qMjQxUml4NDdReXdhT3ZXbFpVWUpSSnlhYjB5UkFfaG9pUkpWdXRJbUllMklxX1JqTXQ2ay03UExaNUJsMjQzYjhFYW1IdTlUYzJxb19IUnktZ2c5RkxfendQajd1V2EzejdTQ0hFWm1TWlJ6UWFpNTV4ZmJVYU5HdlZkTmdCSUo3blQwUW5TTzJFdlhSR2xyWHRfcUZrdHpHci1nQ0JvbnlVdXNvYXZWRXRqNWM2N20yUWVidVk5UGhXU3BTNXQxczJjNkZza1RvWGwwbXdrVF9PMU1HWWlyUjRON1VicDRZRTV2eUxjQVVzS19mUk1rRzhRZ1VjRnEtR1VFRGdudzN1YjNON3liZTJNLW5ZTXZOLVpBRWdmNVZlMEV1SXNwM0MyeXRvSjZ1NVFFVW9fZkFqWDQ4WUxoVG9uWGJuYUU0Y2EzMl9sMkVYUUlRZlB0Zld4ZnZfODBLTWtxX3l4aHBTNnZSTV9HT2hEVEM5OVFIRmhRbm95NkQzRWxGYmxMY1hQbVlVbEtsankybkpfeW5vOFJ1cmVHbGJ4TFI3WVVUS2Z1dkpIVjB4MVJ5WVhjbzNRODJvcm45eEZjVXk5Y1RrY2NnUEt4MDdwQlluYVJtRGF0RlJWUmZwb3YxQTVpVEhzUFVQZEJYWVB3YWZGODRUcEtaTGVsTzRhV2NIcGtmSFRNelViU3N5cXBIWTZ4ZjBha1h0bFZ5cmE4MG9jQ2czM0NOVFl0cHhBOTBnMTEydUZuNTZJQmtsenIwdnpfWkVSZE41TC1HcE9IcnhsNjkzMUhPTVR6SXJ2VjVXeEZpT2VfUVdyX2xBU2tranNaa0VJZGVYWGRqMHdsdWNqMmVDNmw3UmxGZl8zdXc4dFIwN1duV1FzcEpTcVVuTENHdmNlZFdsYWRsUGVXUlVMbHAwQ25zVm5ERGszZk80TXFrUGVrbFJ1TkRwR1dkcVdYVGtkVnRyLThQcENaalpIR0pVdlJ4UG9YckZscWhrejFMZG5fQ0tHNjd6MVpqbkhwVVZMNTlRbTloZkp1NTRJS3lNdkd4WC0xLUExRHdlSEdTT3RXbmlYb0RsWmprTmlCNm1KUGtUaVA2VTFBYW4wNVNFUVM1anVvMHZlMXhyb2I0WFg5SVkxSUhxSkx3b3dNdEZ4QTNoRkZiQ1JqVXJwVFMwSXBreFJTOHFfdVNncV9aV1NQUG5oM2s2Umt2cUtFb0o0UGo1ajdKQmd1ZHB2ZzVtdDUzVHM5SUV5LTRpb3FQTEVoVU9WbGFZYnZmTHQ4RHY3WURfTGhKUHhET2dHamJ5aWdYUW5PSU9XcDh1eUxIeFdrWlZSZ2E2c3ZuTUoxb3lHMENuTkNFODIxVXZvOHRRdEZHVGhGdVNqMjhiZHdTaGhFTDVhYTlBNVBJd0Z5MDdxNU0wQkJrQ1ZxWGdibTQ0dFRWMDVKNi1IaHNxcjM3SnU2ZXkzTU0zaWlEUjZubWdvaDNjUGtWOXJmSUZ2V3owTjZuWW9pRTVzUlNkbVlVVFZMVWE1b0F6QWV5WmJhcUxXLW9rZ0xucjlmOTJFMklDQlpvOGJPcFBYNVhuR1htanZvVzY2aWx3MXMwekpJLXZ0ZElmdWx2V2ZsWk5taElGbHNYRXVUUmFwSDZ2NnY3dzdScHFDMFRrWUVuUU85RzJzeGZsZlp1WFJFQUVWQi1abmtBdFN3V1AtbnhaZnItbFp6QWllcUVtSkRTVmtCZTNxSXljdXpzV3ZtNnVvVUdVc2s0Z2diRFdoNHQ2WGt4alByZDBMMHcwZ2syVmxhbXZ5bmFwZGZIMlZXTTltX0pBcDJWb3ZzdG9KLUxWbUsyWmE4Um1McjBBX0NFYzlMemlSR1ljNE41ZWRzbThaMFlFX1FFZjFLdFdpRDZjT3NydVN1WEJqZXBZV3dKSXY5RS1MQWdmU0l4a3ZYWW91Rm1kRkZETVZNM2FLVnV0ZDdJVW9vc1BFWTRQaTdaYUp6U2p2V2NEZjkxVFpTUWs0bmlhN3JOTTVka2J4VlUtNS0yRldkb1NWeGU0RnRNMkZoX2RTMHd3ZWFzNFlGVWJGb21zT2gtUzRYOGEwT3A3T3hOeTJETmtQVGNVR0t3c3FaT3pzWnVnQWEtSU1tQTNiMjU2N2o0bmpMSk5GMENYamcwUFByaWZGMjk3SzJYWGdJOXdFcWttSk9BRjVCUklzOF9QQlFjMjZsOXRpdS0xZTJwYm81YjZjT2owcDQzWnZDdWpLNkliM2o1RENtY1FFRFBOUEdHa3lhdHlJMzZabjF6WnNHcE12Yk5ORVRaMVpxRUhYOGFtZEtFWHVMc1RhQ3RISUt2LXBQN3hZdm5udUdScHJwMFFkamk5dU1KbHkzN0tmc25GVjhVcVpid1hOYkVqMnVaUFNqcUZBbFBBNjFQWWZWQmpVZmdkcjNzbkRCaUREYWxLMDJZeHRBcHUzdU94VzlfUVB2ck8yTE1hTDhka1Y5V0RxckYtRFRqVnFRVVhJZEpubHVxcnRKLWxtNW05OE5Nazgxc3lMQzU0ZldWaGwyZ2dxbUJCV3ViN3NqOGw4ejA4eTMtTGFMZVh1dDY0VDh3aF9oUEsyTU9HeXdwN0xRNUhfMHRfWUotVzJKSVBuTklTVmRCQ1FMeUJqd1piZE5fLTBBMVB0YUVKdFNsYzFiZUp5Ty1QdjQxOEtpbEdreDlrcmhGREUzWFJReEpFd3Z3clZyb0taNGxfb29IZEtDMHd6M0pZNXc1NW5tS3d3aWhISW1LLUNMM0dkVkxlbmQ4SG9FV3o2Z2V6cGdGUjdmZjZXRzBTaFF0eWJaSTlwLVZOZ2hUQllPVElNSC1BQnNmWHRPQjZ2eXRRb21SZTNLaVpRa1B4N2xxRFgxeFdlYWp4MjRodm54VDM3blExVEpXeFN0bU5DTmRTUkJTNlR2UDBOZzhINjBtNld3NER2ZTVRem1Ra1BaVUpZTmNnYlUyNjBkV05OWUFsdDMtVlRxV2M5TE9vcEJrMmZ3cEhSOEc4dTVnMzBxVHpqWkxFMkc3RnUtejNHbDZlSDFVSmdIZzktZDhkNWE1M3I2cDI3b1NxblV3OWxiSTN1ekF6aTRlODV0aFNCR25BM2lHVGdQN3ZsRU1OTUVHNWpkdjNTZHRBUmx4Y19jZFBzcUJVMUJmaDBOaktzemE4ZWZmVU12ckE0ekthcURTZFVNQ05BN2x2Y0Vpd3o1WWhxN0RtWmRFN21hRVNJMnlvVFJYaEZoX29QMFBSS2xyZXhsVHhuNmtRODB1dW5kM19KNXphbzV6dUduejJqVktZSzduSnhCeEZwZHZ3ZkVhanZ1S3FSUHNLdTdfSVF4UHZJZFAxTWhzLU85Z0FySU9LMWRwNzhBX2JPcFdDZzZJRHlOTHRjOGpWRXpiQUNNcVBtM1hrWHhTYkZSZXBKdHpkeGFHWkdIN1hKOHZBQ0FXaGR0eDJucTBENS1tNGYxdlRJUng0TFRXenA1ZUdjREotakpDcFdvUFF2XzhDVjJSTUZMTkFFQU8tRndheUZ6SjNtQzVYUTRFOVZ1Q1BST3ZJdE9aUFhSY0dLVmRsSjdqdTEwVEllNmlacm5qdGp3ckU4MjJsTlJHeVB1RnJfREZKc19hcVFzLXRMX0ZiRUZyeDB6RGJCS19xbGkyS0hPUFBjd0N6SVNUckdSS1I4RXhfMkJaVzhkTEh0bWRjTEhrMGgxNTBpLWlPMXZ1TkhDNmE0d01SZmZtbXV4RFg1amlhUVlIRGt6WFFxc2Z5bWYzenNSY0lvRWFJMTh1Y2Jhdi1PZG9adTJHWEMwSzJKWjRRNkVHNWVfeHpDTXJmM2lMekZXWHdOM3drbFk4VVBPaU12TnNSUHVybUJtVnhkWXl0Uno4TFM2Y2UyMTlhUUhfdjlkdXQwekFub19XRWNXT3BwSUJyWUdRdWJBMnJlMGN1NjVCajlZb0VNaktMT0QxYW5CRWVWakxocVhTd3NhbVlWX3dWR2hPRnBmMDVGNzJVcmFJSUljMVVnTkpXX2VmNFN3bWNVS0I3UWJ6OTVWUWhnRmNvRm44YUR1MVFKQ21RcjVEWEZoTkRZY0c4R2Via2JvUkVWMm13aEZ0R08yTG1wMkdhUWI3eFhTUElSdmVTY21ZNlFwSG9OaUN5MlBnckZSOUhWQXhuSnk2VTRKSm1oRWY4N2dLSmJITk83RzJ0T2YyZ2drNnM4V09xQUFXWUQ5XzUyUUQyM0FJOXlnUVFnSE1rY0NfRjVsM0xFOHlMNVJBREFFWmFBNkg0MU5aRnJUcS1yMlF1VUVtUEsmY2lkPUNBUVNHd0J5Z1FpRGhWMTNqdUtVbFZER01GbkpEQnFLUE1GUFRkV0dqQmdCXV0-PC9WQVNUQWRUYWdVUkk-PENyZWF0aXZlcz48Q3JlYXRpdmUgaWQ9IjQ4Mjg3NDgzOCIgc2VxdWVuY2U9IjEiPjxMaW5lYXI-PC9MaW5lYXI-PC9DcmVhdGl2ZT48L0NyZWF0aXZlcz48L1dyYXBwZXI-PC9BZD48L1ZBU1Q-oAdAqgcLMjAwMDczMDAyMTHIB-_0BdIHDQkAAAAAAIBLQBAAGADaBwYIABAAGADgBwDqBwIIAPAHgp44iggCEACVCAAAgD-YCAE.%26s%3Dcb4bdd6d3781fd9e3ea306a92aca4ac7b4c8aff9 HTTP 302
https://ams3-ib.adnxs.com/abdv?ro=1&an_audit=0&referrer=https%3A%2F%2Fnv.ua%2Fukr%2Fukraine%2Fevents%2Fdopomoga-vid-oon-2023-roci-hto-otrimaye-2-220-grn-i-yak-podati-zayavku-50334088.html&e=wqT_3QKTLOgTFgAAAwDWAAUBCMu18KQGEKqes5iPw_KhRRgAKjYJWTDxR1EHB0ARdUtAhm1n6z8ZAAAAIFyPCkAhdQ0SACkRJNgxAAAAgOtR2D8w_fCfDjjaTECgC0hlUO7ZzM4BWOyYnAFgAGiekL0BeO_0BYABAYoBA1VTRJIBAQbwPJgBAaABAagBAbABALgBA8ABBcgBAtABANgBAOABAPABANgCAOAC6bpK6gJ1aHR0cHM6Ly9udi51YS91a3IBBPRtBmFpbmUvZXZlbnRzL2RvcG9tb2dhLXZpZC1vb24tMjAyMy1yb2NpLWh0by1vdHJpbWF5ZS0yLTIyMC1ncm4taS15YWstcG9kYXRpLXpheWF2a3UtNTAzMzQwODguaHRtbIADAIgDAZADAJgDF6ADAaoDiAcK0QZodHRwczovL2FkeC5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvYWR2aWV3P2FpPUNrQUVTeXhxY1pMUHVMSVdpLWdhN2dwOWcwWnJGcW5HdW1PU1JxaEhvay1uc3R6b1FBU0RtbDlZbFlKR0VvSVdNR01nQkJha0NCd0lWeWJCZXNqNm9Bd0hJQXhPWUJBQ3FCTklCVDlCaVFUV3ZRWERvODFkTjFqWk5iNDhjWkg3eHF6RzNEVmdsYVVZLTFXUktuUWdDd3dzcGVLT1NrcUY0c2Z3NGtLaU9TOHdsMHFSZjd4UXd4RXNiU2dDeThla1ZhR3Y4Y2hNVU9nVGdFdF9FeHZ5c1RSbXFFV3Z5Y3oxSHhfQXdzNFRCdmRaVnZGbUtSVXlDSFlkUHlIMkJreWtlT1ExNXI4WjZBWFZ5VUh5OXUtaEhUUWdtTjBYd2JBR2w4eTNkX0FsRW5GSjNTSnF2UjdvVmhQOGpOa1A0cWpYSWN2QXB4R1ZJdDRfN3hEaFlzc0oyMXVIUG5xbXJMSVAtenpOS05RTXVXaV9KZWtKMHh5c2F5OGlTNGJHNHdBVGVyYU92cXdUZ0JBT0lCZlBZbk1SS2tnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVpPZ0FlMHdjXzdBNmdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY05FTzNZcndFWTFxdWc1Z0VnQk5JSUZnaUE0WUFRRUFFWVh6SUNxZ0k2QW9CQVNMMzl3VHJ5Q0E1aWFXUmtaWEl0TmpBMU9URXhNb0FLQk1nTEFiQVR3cHpzRThnVDBmQzA0Z1BRRXdEWUV3T0lGQVRZRkFIUUZRR0FGd0d5RndnS0JnZ0FFZ0FZQUEmc2lnaD14Z3o3Qi0zMnpQSSZjbWQ9Q2hkallTMXdkV0l0TXpBM05qZzVNREF4TWpjME1UUTJOeEFBR0FFJnVhY2hfbT1bVUFDSF0mY2lkPUNBUVNHd0J5Z1FpRGhWMTNqdUtVbFZER01GbkpEQnFLUE1GUFRkV0dqQmdCJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzQ5OTEwNTUwMjA1NjIzNzAzNDYiCTQzMzI2OTk5OCoHMjMxMzIzMToJNDgyODc0ODM4wAPgqAHIAwDYA6K4VuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUwLjE0MqgEALIEDggAEAEYACAAKAIwADgCuAQAwAQAyAQA2gQCCAHgBADwBO7ZzM4BiAUBmAUAoAXkz7vq0NPdohDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_DPoFBAgAEACQBgGYBgCiBg45ODE4I0FNUzM6NjA4ObgGAMEGAAAAAAAA8D_QBqBO2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGBPIGhwEI1PVjEoABZWhUM1dsb0FBQUFEQUFrQ0JRRUk0dFNCQ2hDVXNjNERHTDZZLUFNZ0J5Z0FRTlRGM2dwSTFjWGVDbER4UTFqSkwzRUFBQUFBQUFBQUFIZ0FnUUVBQUFBQUFBQUFBSWdCQUpBQkFKb0JBZ2dBcUFFQXNRRUFBQUFBQUFBQUFBLi6ABwGIBwCSB4ofPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8-PFZBU1QgeG1sbnM6eHNpPSJodHRwczovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTpub05hbWVzcGFjZVNjaGVtYUxvY2F0aW9uPSJ2YXN0LnhzZCIgdmVyc2lvbj0iMi4wIj48QWQgaWQ9IjQ4Mjg3NDgzOCI-PFdyYXBwZXI-PEFkU3lzdGVtPlhCaWQ8L0FkU3lzdGVtPjxWQVNUQWRUYWdVUkk-PCFbQ0RBVEFbsfgMYmlkLkb4BfBxZGJtL3Zhc3Q_ZGJtX2M9QUtBbWYtQVFkSUswcTVSV0NsangwOWJzU0dPcHdrX1dzODhkaW1aZjVGY3VTd2stUnFjc1NrSzhpdkU2UzQtSS1MOGJqMFJkaUlCa1JCZ0FjZzVjb3FFRV9IaEc2ZVItT2cmAWkAZA1p9EEORDBUc05aVjNKX1kzVDFVcWk1eEdtMHljZ1BTa09Zcnh4enIxWHVNYnoyWGlQZy1KNlRINVduN203aWM3SkRIVWlmQkszVkNHbFpCMnRzZURUN0VuNzhDSERUclBiSnNiU1NkNy1YQUFteHBGS0I2U29qVlBnZm5UX3ozeTVHNUYtdG5NeWs5OEZnMUlOZmFmb0ZtN3lwWDJ5c19LdjBTRWZzejM4RFV5Tk1qMjQxUml4NDdReXdhT3ZXbFpVWUpSSnlhYjB5UkFfaG9pUkpWdXRJbUllMklxX1JqTXQ2ay03UExaNUJsMjQzYjhFYW1IdTlUYzJxb19IUnktZ2c5RkxfendQajd1V2EzejdTQ0hFWm1TWlJ6UWFpNTV4ZmJVYU5HdlZkTmdCSUo3blQwUW5TTzJFdlhSR2xyWHRfcUZrdHpHci1nQ0JvbnlVdXNvYXZWRXRqNWM2N20yUWVidVk5UGhXU3BTNXQxczJjNkZza1RvWGwwbXdrVF9PMU1HWWlyUjRON1VicDRZRTV2eUxjQVVzS19mUk1rRzhRZ1VjRnEtR1VFRGdudzN1YjNON3liZTJNLW5ZTXZOLVpBRWdmNVZlMEV1SXNwM0MyeXRvSjZ1NVFFVW9fZkFqWDQ4WUxoVG9uWGJuYUU0Y2EzMl9sMkVYUUlRZlB0Zld4ZnZfODBLTWtxX3l4aHBTNnZSTV9HT2hEVEM5OVFIRmhRbm95NkQzRWxGYmxMY1hQbVlVbEtsankybkpfeW5vOFJ1cmVHbGJ4TFI3WVVUS2Z1dkpIVjB4MVJ5WVhjbzNRODJvcm45eEZjVXk5Y1RrY2NnUEt4MDdwQlluYVJtRGF0RlJWUmZwb3YxQTVpVEhzUFVQZEJYWVB3YWZGODRUcEtaTGVsTzRhV2NIcGtmSFRNelViU3N5cXBIWTZ4ZjBha1h0bFZ5cmE4MG9jQ2czM0NOVFl0cHhBOTBnMTEydUZuNTZJQmtsenIwdnpfWkVSZE41TC1HcE9IcnhsNjkzMUhPTVR6SXJ2VjVXeEZpT2VfUVdyX2xBU2tranNaa0VJZGVYWGRqMHdsdWNqMmVDNmw3UmxGZl8zdXc4dFIwN1duV1FzcEpTcVVuTENHdmNlZFdsYWRsUGVXUlVMbHAwQ25zVm5ERGszZk80TXFrUGVrbFJ1TkRwR1dkcVdYVGtkVnRyLThQcENaalpIR0pVdlJ4UG9YckZscWhrejFMZG5fQ0tHNjd6MVpqbkhwVVZMNTlRbTloZkp1NTRJS3lNdkd4WC0xLUExRHdlSEdTT3RXbmlYb0RsWmprTmlCNm1KUGtUaVA2VTFBYW4wNVNFUVM1anVvMHZlMXhyb2I0WFg5SVkxSUhxSkx3b3dNdEZ4QTNoRkZiQ1JqVXJwVFMwSXBreFJTOHFfdVNncV9aV1NQUG5oM2s2Umt2cUtFb0o0UGo1ajdKQmd1ZHB2ZzVtdDUzVHM5SUV5LTRpb3FQTEVoVU9WbGFZYnZmTHQ4RHY3WURfTGhKUHhET2dHamJ5aWdYUW5PSU9XcDh1eUxIeFdrWlZSZ2E2c3ZuTUoxb3lHMENuTkNFODIxVXZvOHRRdEZHVGhGdVNqMjhiZHdTaGhFTDVhYTlBNVBJd0Z5MDdxNU0wQkJrQ1ZxWGdibTQ0dFRWMDVKNi1IaHNxcjM3SnU2ZXkzTU0zaWlEUjZubWdvaDNjUGtWOXJmSUZ2V3owTjZuWW9pRTVzUlNkbVlVVFZMVWE1b0F6QWV5WmJhcUxXLW9rZ0xucjlmOTJFMklDQlpvOGJPcFBYNVhuR1htanZvVzY2aWx3MXMwekpJLXZ0ZElmdWx2V2ZsWk5taElGbHNYRXVUUmFwSDZ2NnY3dzdScHFDMFRrWUVuUU85RzJzeGZsZlp1WFJFQUVWQi1abmtBdFN3V1AtbnhaZnItbFp6QWllcUVtSkRTVmtCZTNxSXljdXpzV3ZtNnVvVUdVc2s0Z2diRFdoNHQ2WGt4alByZDBMMHcwZ2syVmxhbXZ5bmFwZGZIMlZXTTltX0pBcDJWb3ZzdG9KLUxWbUsyWmE4Um1McjBBX0NFYzlMemlSR1ljNE41ZWRzbThaMFlFX1FFZjFLdFdpRDZjT3NydVN1WEJqZXBZV3dKSXY5RS1MQWdmU0l4a3ZYWW91Rm1kRkZETVZNM2FLVnV0ZDdJVW9vc1BFWTRQaTdaYUp6U2p2V2NEZjkxVFpTUWs0bmlhN3JOTTVka2J4VlUtNS0yRldkb1NWeGU0RnRNMkZoX2RTMHd3ZWFzNFlGVWJGb21zT2gtUzRYOGEwT3A3T3hOeTJETmtQVGNVR0t3c3FaT3pzWnVnQWEtSU1tQTNiMjU2N2o0bmpMSk5GMENYamcwUFByaWZGMjk3SzJYWGdJOXdFcWttSk9BRjVCUklzOF9QQlFjMjZsOXRpdS0xZTJwYm81YjZjT2owcDQzWnZDdWpLNkliM2o1RENtY1FFRFBOUEdHa3lhdHlJMzZabjF6WnNHcE12Yk5ORVRaMVpxRUhYOGFtZEtFWHVMc1RhQ3RISUt2LXBQN3hZdm5udUdScHJwMFFkamk5dU1KbHkzN0tmc25GVjhVcVpid1hOYkVqMnVaUFNqcUZBbFBBNjFQWWZWQmpVZmdkcjNzbkRCaUREYWxLMDJZeHRBcHUzdU94VzlfUVB2ck8yTE1hTDhka1Y5V0RxckYtRFRqVnFRVVhJZEpubHVxcnRKLWxtNW05OE5Nazgxc3lMQzU0ZldWaGwyZ2dxbUJCV3ViN3NqOGw4ejA4eTMtTGFMZVh1dDY0VDh3aF9oUEsyTU9HeXdwN0xRNUhfMHRfWUotVzJKSVBuTklTVmRCQ1FMeUJqd1piZE5fLTBBMVB0YUVKdFNsYzFiZUp5Ty1QdjQxOEtpbEdreDlrcmhGREUzWFJReEpFd3Z3clZyb0taNGxfb29IZEtDMHd6M0pZNXc1NW5tS3d3aWhISW1LLUNMM0dkVkxlbmQ4SG9FV3o2Z2V6cGdGUjdmZjZXRzBTaFF0eWJaSTlwLVZOZ2hUQllPVElNSC1BQnNmWHRPQjZ2eXRRb21SZTNLaVpRa1B4N2xxRFgxeFdlYWp4MjRodm54VDM3blExVEpXeFN0bU5DTmRTUkJTNlR2UDBOZzhINjBtNld3NER2ZTVRem1Ra1BaVUpZTmNnYlUyNjBkV05OWUFsdDMtVlRxV2M5TE9vcEJrMmZ3cEhSOEc4dTVnMzBxVHpqWkxFMkc3RnUtejNHbDZlSDFVSmdIZzktZDhkNWE1M3I2cDI3b1NxblV3OWxiSTN1ekF6aTRlODV0aFNCR25BM2lHVGdQN3ZsRU1OTUVHNWpkdjNTZHRBUmx4Y19jZFBzcUJVMUJmaDBOaktzemE4ZWZmVU12ckE0ekthcURTZFVNQ05BN2x2Y0Vpd3o1WWhxN0RtWmRFN21hRVNJMnlvVFJYaEZoX29QMFBSS2xyZXhsVHhuNmtRODB1dW5kM19KNXphbzV6dUduejJqVktZSzduSnhCeEZwZHZ3ZkVhanZ1S3FSUHNLdTdfSVF4UHZJZFAxTWhzLU85Z0FySU9LMWRwNzhBX2JPcFdDZzZJRHlOTHRjOGpWRXpiQUNNcVBtM1hrWHhTYkZSZXBKdHpkeGFHWkdIN1hKOHZBQ0FXaGR0eDJucTBENS1tNGYxdlRJUng0TFRXenA1ZUdjREotakpDcFdvUFF2XzhDVjJSTUZMTkFFQU8tRndheUZ6SjNtQzVYUTRFOVZ1Q1BST3ZJdE9aUFhSY0dLVmRsSjdqdTEwVEllNmlacm5qdGp3ckU4MjJsTlJHeVB1RnJfREZKc19hcVFzLXRMX0ZiRUZyeDB6RGJCS19xbGkyS0hPUFBjd0N6SVNUckdSS1I4RXhfMkJaVzhkTEh0bWRjTEhrMGgxNTBpLWlPMXZ1TkhDNmE0d01SZmZtbXV4RFg1amlhUVlIRGt6WFFxc2Z5bWYzenNSY0lvRWFJMTh1Y2Jhdi1PZG9adTJHWEMwSzJKWjRRNkVHNWVfeHpDTXJmM2lMekZXWHdOM3drbFk4VVBPaU12TnNSUHVybUJtVnhkWXl0Uno4TFM2Y2UyMTlhUUhfdjlkdXQwekFub19XRWNXT3BwSUJyWUdRdWJBMnJlMGN1NjVCajlZb0VNaktMT0QxYW5CRWVWakxocVhTd3NhbVlWX3dWR2hPRnBmMDVGNzJVcmFJSUljMVVnTkpXX2VmNFN3bWNVS0I3UWJ6OTVWUWhnRmNvRm44YUR1MVFKQ21RcjVEWEZoTkRZY0c4R2Via2JvUkVWMm13aEZ0R08yTG1wMkdhUWI3eFhTUElSdmVTY21ZNlFwSG9OaUN5MlBnckZSOUhWQXhuSnk2VTRKSm1oRWY4N2dLSmJITk83RzJ0T2YyZ2drNnM4V09xQUFXWUQ5XzUyUUQyM0FJOXlnUVFnSE1rY0NfRjVsM0xFOHlMNVJBREFFWmFBNkg0MU5aRnJUcS1yMlF1VUVtUEsmY2lkPUNBUVNHd0J5Z1FpRGhWMTNqdUtVbFZER01GbkpEQnFLUE1GUFRkV0dqQmdCXV0-PC9WQVNUQWRUYWdVUkk-PENyZWF0aXZlcz48Q3JlYXRpdmUgaWQ9IjQ4Mjg3NDgzOCIgc2VxdWVuY2U9IjEiPjxMaW5lYXI-PC9MaW5lYXI-PC9DcmVhdGl2ZT48L0NyZWF0aXZlcz48L1dyYXBwZXI-PC9BZD48L1ZBU1Q-oAdAqgcLMjAwMDczMDAyMTHIB-_0BdIHDQkAAAAAAIBLQBAAGADaBwYIABAAGADgBwDqBwIIAPAHgp44iggCEACVCAAAgD-YCAE.&s=cb4bdd6d3781fd9e3ea306a92aca4ac7b4c8aff9

Request Chain 174

https://gcdn.2mdn.net/videoplayback/id/4c00e38f4f4814ea/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818059098/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/904245FDCEA1CF8A6451C0F43E660E06BC4F56EF.A1D012C5B7E59C6ED2F71CDE46A132A667839E8E/key/ck2/file/file.mp4?cpn=RCwwCC3oEHP-Eafh HTTP 302
https://r4---sn-5hneknek.c.2mdn.net/videoplayback/id/4c00e38f4f4814ea/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818059098/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2DD0EC7D79FB598401FB17D995A5F12088B3AFA7.0F34FE9A74EF045DF888B4BF7CABC8D64448C875/key/cms1/cms_redirect/yes/mh/SZ/mip/2a00:1630:2:1c03::7/mm/42/mn/sn-5hneknek/ms/onc/mt/1687951431/mv/u/mvi/4/pl/32?cpn=RCwwCC3oEHP-Eafh&file=file.mp4

Request Chain 188

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 189

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 191

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6788356882018535184

Request Chain 192

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 193

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628313696389

Request Chain 194

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dv_ofBxpTEK04PQtS3gLQQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 197

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3423810417

Request Chain 198

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=76FFE87C-1C69-4C42-B4E0-F42D4B780B41 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTk5emRrS0Vib0JUTWlNcEt1U0lTVVhFZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=5649857037646172335&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzZGRkU4N0MtMUM2OS00QzQyLUI0RTAtRjQyRDRCNzgwQjQx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO33FARl0W91zN96cAJKXjI&google_cver=1

Request Chain 202

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5649857037646172335

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI4j3HoffOgrGUiN-xsL9zU&google_cver=1

Request Chain 205

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UWd4zDbHQq-SWOgFaAilxQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=UWd4zDbHQq-SWOgFaAilxQ

Request Chain 206

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_nHluJ4aQn2fgUlRBLEKyg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_nHluJ4aQn2fgUlRBLEKyg

Request Chain 207

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpGTjJaWEgtMTItSVI4Mg== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIbITnF5IGADu1qjSpE7fhE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGTjJaWEgtMTItSVI4Mg==&google_push=

Request Chain 209

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJFN2ZXH-12-IR82

Request Chain 210

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGVkNjFiYTg1MjdkNGMxMzBiYTBlYmZiMjMyMTVjMTA2NjRhN2JjYw

Request Chain 211

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/bJyViYxdHB_DMlnCxADyGsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-djvR.u5E2oIbndXtkFn1_cmStszqLhgJov1Jfg--~A

Request Chain 212

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazXHNMc4oylTTzLrjpAAAFH8AAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazXHNMc4oylTTzLrjpAAAFH8AAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJwazXHNMc4oylTTzLrjpAAAFH8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHMmk8AE1Ec3C1PhACz0HZM&google_cver=1

Request Chain 214

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJwazWKD0MFh8um0LxT-mQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECGnNEnoVZJQi0Gd5mNDnfs&google_cver=1

Request Chain 216

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7412251016812295724

Request Chain 217

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F4609A958A8D4D2AA6574D48428B2DAE

Request Chain 218

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7505688636749568525

Request Chain 219

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZJwazXHNMc4oylTTzLrjpAAA%265247&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3b4102d8-8b08-4425-a6d7-720fad7eb3b9-tuctb95a04d

Request Chain 221

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJwazWKD0MFh8um0LxT-mQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECGnNEnoVZJQi0Gd5mNDnfs&google_cver=1

Request Chain 223

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazWKD0MFh8um0LxT_mQAACHoAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazWKD0MFh8um0LxT_mQAACHoAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 224

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJwazWKD0MFh8um0LxT_mQAACHoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHMmk8AE1Ec3C1PhACz0HZM&google_cver=1

Request Chain 225

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=cAU8HHdQZhtrCGRNdVcoTH8JYUtrAjMdcAlHMPtA

Request Chain 227

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 228

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1703763277&external_user_id=41d29525-1b46-493d-8ed1-8cb1bb24bf5f

Request Chain 235

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-YjQEQwOyLpAQY1qug5gEgATAB&v=APEucNXjUEG2o5lgisGACbeas-PpXkMylrLcWfJau6sHVziyqWG0t_N97OaUnSWb5lHtqjMPGXWyVRo7UOMX5_qxyGbLBrRIYw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm HTTP 302
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEJko1g8NwBrA8NZVdFXuuiE&google_cver=1

Request Chain 265

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=G01JuRwYE74AQBHoHh9d6RRBFO4ASka4G0HjCSBY

Request Chain 266

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7412251016812295724&gdpr=0&gdpr_consent=

Request Chain 267

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7249698980833654935&gdpr=0&gdpr_consent=

Request Chain 268

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZm9VN0pPRFlBQUNISERCVU5nUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACfoU7JODYAACHHDBUNgQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACfoU7JODYAACHHDBUNgQ&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACfoU7JODYAACHHDBUNgQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=443141570586277415&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACfoU7JODYAACHHDBUNgQ&gdpr=0&gdpr_consent=

Request Chain 269

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fw8wVOOJXVVV2ols5QfDtx_Mlo4&gdpr=0&gdpr_consent=

Request Chain 271

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 272

https://pixel.onaudience.com/?partner=214&mapped=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=60baf1feb01fffb2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=64d215b8cf83c96abd9f8938c7c1c23d&gdpr=1 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=60baf1feb01fffb2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da36b4e8-8d2a-41ac-7048-286a69806d87&reqId=d9daf7c4-170a-4f5b-5142-42a8031d6b95&zcluid=60baf1feb01fffb2&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESENhUaaiNxY65i5bqMHfgQNo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da36b4e8-8d2a-41ac-7048-286a69806d87&reqId=d9daf7c4-170a-4f5b-5142-42a8031d6b95&zcluid=60baf1feb01fffb2&zdid=1332

Request Chain 275

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=7e30dafb-617f-453d-9bca-ed78199741f2&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=842530f4-9e1f-4cee-a5b6-0a4fa10753a0&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 277

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7505688636749568525&gdpr=0&gdpr_consent=&us_privacy=

280 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ua-dapamoga24.site/
Redirect Chain

http://ua-dapamoga24.site/
https://ua-dapamoga24.site/

109 KB
29 KB

299ms
237ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ua-dapamoga24.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b573ebf4c2a2f51eddb6590ebcffa471cecb2669b19fb10e8a4737ace2e1c0d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de59f08ef1b0be9-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 11:34:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ednBDwNi4Z9TM7nA61RcuClfeVoAMsyQZkCD3l49vUP1sxR85l%2BMRh7crlOI7uNX9QQlbyiZP%2BIN07heBLIZr7d70GfWWPPVoZkwFrjCHL64NjKB1gZssc47HVDvSCiaIIvJ8FfoLJ1hgwLF%2Fk7nRI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7de59f084cc906c6-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 28 Jun 2023 11:34:33 GMT
Expires: Wed, 28 Jun 2023 12:34:33 GMT
Location: https://ua-dapamoga24.site/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0GZHuBNADY6q%2FcMI3NOjj4vHyl9UiZHlAcl0jRuovfAsPxOIZA00o53CEAE8ltMwhGkJ0KpoCiy3TIQ9ghCNOzwgCzPiqXW%2BVkylsLdqsuBXJoB634Rzsd8ANbE6H5MT9Y5Zb6bPTUF0GMtVzVKRWk%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 article.css
nv.ua/css/ 142 KB
22 KB 108ms
45ms Stylesheet
text/css 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/css/article.css?4.149
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3eeb49969f91fefe9ddc3c35459e1d97844e327bc5fe09622ff0422e603d32d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 05 May 2023 10:07:52 GMT
server: cloudflare
age: 510143
cf-polished: origSize=145060
etag: W/"6454d578-236a4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
cf-ray: 7de59f0ada3d0b3e-AMS
expires: Sat, 22 Jun 2024 13:52:10 GMT

GET
H2 200 0b7cb5281fce2f4220d2fc4cacb0f7e8.jpg
static.nv.ua/shared/system/Article/posters/002/703/543/original/ 43 KB
43 KB 139ms
74ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/703/543/original/0b7cb5281fce2f4220d2fc4cacb0f7e8.jpg?q=85&stamp=20230623164311&w=900&f=webp
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 365b44c793eba359881136d145066f618a1a1ef37c871a927689fde81c02394b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Jun 2023 11:34:33 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jun 2023 07:15:39 GMT
server: cloudflare
etag: "1368b67112700a77b1b05d25604329fb"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7de59f0addf90a55-AMS
expires: Fri, 28 Jul 2023 11:34:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
77 KB 126ms
48ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ee6dcd0a0789b25ff02b0d6d6d2604fa3b9d3439f8cb5e28412037cbdb3327e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77931
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Jun 2023 11:34:33 GMT

GET
H2 200 matomo.js Show response
matomo.nv.ua/ 64 KB
20 KB 129ms
36ms Script
application/javascript 145.239.137.124
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.nv.ua/matomo.js
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.137.124 Pontoise, France, ASN16276 (OVH, FR),
Reverse DNS: ip124.ip-145-239-137.eu
Software: nginx /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: br
last-modified: Tue, 18 Apr 2023 09:33:05 GMT
server: nginx
etag: W/"643e63d1-10132"
content-type: application/javascript
cache-control: max-age=3600, public
expires: Wed, 28 Jun 2023 12:34:33 GMT

GET
H2 200 email-decode.min.js Show response
nv.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 27ms
27ms Script
application/javascript 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nv.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Jun 2023 09:29:09 GMT
server: cloudflare
etag: W/"64941465-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7de59f0b2ab80b3e-AMS
expires: Fri, 30 Jun 2023 11:34:33 GMT

GET noto-sans-v12-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 0
0

GET icons.ttf
nv.ua/fonts/ 0
0

GET noto-sans-v12-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 0
0

GET noto-serif-v9-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 0
0

GET noto-serif-v9-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 0
0

GET
H2 200 nv_logo_new.svg
static.nv.ua/images/main/ 4 KB
2 KB 41ms
40ms Image
image/svg+xml 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/images/main/nv_logo_new.svg?q=85&f=webp&stamp=4.149
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6ef2b640cadffe7e40c8f89f1e20294eb0b6650b4b195b0ac5665f9ce87ac27

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 30 Dec 2022 07:56:48 GMT
server: cloudflare
age: 3366
etag: W/"63ae99c0-1061"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7de59f0b8eca0a55-AMS

GET
H2 200 /
images.weserv.nl/ 12 KB
13 KB 116ms
39ms Image
image/webp 2606:4700:e0::ac40:6422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://nv.ua/images/newsletters/nv_premium.png?1&q=75&output=webp&stamp=4.149123

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6422 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ede07584ec1d59ed5fc867961a1b52266d7fa7c81b7affc2c849db9f7fd1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 28 Jun 2023 11:34:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 508705
x-cache-status: MISS
x-upstream-response-length: 57214
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.webp
alt-svc: h3=":443"; ma=86400
content-length: 12640
last-modified: Thu, 22 Jun 2023 13:52:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbQ06S2zG%2FnXGpkHVViboQz1Svb2cJW%2BCn8UEpw5M9ddqwOxScQ3L357cm%2Fvf7x25dBMt0lOG1wc8Jl1ma%2BferqR6Ape5Y%2BxdZXgfmSTqQ0l4j5Cm6DasHfszL69FjG2og7vlKp2hKryspbtGlKQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://nv.ua/images/newsletters/nv_premium.png?1>; rel="canonical"
cf-ray: 7de59f0c09e81b08-AMS
expires: Fri, 21 Jun 2024 13:52:30 GMT

GET get_right_column_test.html
nv.ua/ukr/ 0
0

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 64 KB
18 KB 183ms
54ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: a8e6e3bae7ae349523b4fdbfc22654ca1db55fa81e928650dd0d8be49fc5d04d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: gzip
last-modified: Fri, 12 May 2023 12:38:55 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 18031
expires: Wed, 28 Jun 2023 23:34:33 GMT

GET
H2 200 hit
c.hit.ua/ 43 B
311 B 252ms
63ms Image
image/gif 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.hit.ua/hit?i=26009&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.0578968856281068&r=&u=https%3A//ua-dapamoga24.site/
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="UNI"
pragma: no-cache
date: Wed, 28 Jun 2023 11:34:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
server: nginx/1.17.9
expires: 0

GET
H2 200 all_scripts.min.js Show response
nv.ua/scripts/ 136 KB
45 KB 45ms
45ms Script
application/javascript 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/all_scripts.min.js?4.149
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb2e924d4e56f90441d1f067779aed3e38897363cad7e5450fdbd9adc76127bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 13:39:29 GMT
server: cloudflare
age: 510142
etag: W/"64944f11-21fe4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
cf-ray: 7de59f0bbb700b3e-AMS
expires: Sat, 22 Jun 2024 13:52:11 GMT

GET 2285.html
nv.ua/ukr/get_additional_blocks_desktop/ 0
0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 159ms
83ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a949f4e3e6156cefe1d8e959861c7febf8ed4b5d2ce9f04a3148fb08555bcbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26711
x-xss-protection: 0
server: cafe
etag: 580 / 19536 / m202306220101 / config-hash: 13728557897118412599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 11:34:33 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/ 500 KB
149 KB 131ms
37ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/ym.js?3
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 811175675abd207ebb57ccd7ca19b4a9716c1ab021b2eec1a6a040b6c50ab214

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-575
cdn-cachedat: 06/27/2023 19:29:43
cdn-pullzone: 139012
last-modified: Tue, 27 Jun 2023 10:02:22 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 300
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"649ab3ae-7cf62"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: fc4136ed0212a62775670a6d6f2b40b3
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET icons.woff
nv.ua/fonts/ 0
0

GET noto-serif-v9-latin_cyrillic-ext-regular.woff
nv.ua/fonts/noto/ 0
0

GET noto-sans-v12-latin_cyrillic-ext-regular.woff
nv.ua/fonts/noto/ 0
0

GET noto-serif-v9-latin_cyrillic-ext-700.woff
nv.ua/fonts/noto/ 0
0

GET noto-sans-v12-latin_cyrillic-ext-700.woff
nv.ua/fonts/noto/ 0
0

OPTIONS
H2 200 50334088.html
nv.ua/get_article_views/ Frame 0
0 105ms
104ms Preflight
text/html 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/get_article_views/50334088.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://ua-dapamoga24.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

age: 0
allow: GET,HEAD
cf-cache-status: DYNAMIC
cf-ray: 7de59f0c7badb960-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 11:34:33 GMT
server: cloudflare
varnish-ttl: 0.000
vary: Accept-Encoding
x-cache: pass uncacheable
x-varnish-hash: OPTIONS:nv.ua/get_article_views/50334088.html:mobile

OPTIONS
H2 200 set
counter.nv.ua/ Frame 0
0 78ms
65ms Preflight
text/html 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.nv.ua/set?a=50334088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://ua-dapamoga24.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7de59f0c9bc9b960-AMS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:34:33 GMT
server: cloudflare

GET 50334088.html
nv.ua/get_article_views/ 0
0

GET set
counter.nv.ua/ 0
0

POST
H2 204 matomo.php
matomo.nv.ua/ 0
188 B 72ms
71ms Ping
text/plain 145.239.137.124
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matomo.nv.ua/matomo.php?action_name=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D0%B2%D1%96%D0%B4%20%D0%9E%D0%9E%D0%9D%202023%20%D1%80%D0%BE%D1%86%D1%96%20-%20%D1%85%D1%82%D0%BE%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%94%202%E2%80%89220%20%D0%B3%D1%80%D0%BD%20%D1%96%20%D1%8F%D0%BA%C2%A0%D0%BF%D0%BE%D0%B4%D0%B0%D1%82%D0%B8%20%D0%B7%D0%B0%D1%8F%D0%B2%D0%BA%D1%83%20%2F%20NV&idsite=1&rec=1&r=905922&h=11&m=34&s=33&url=https%3A%2F%2Fua-dapamoga24.site%2F&_id=c49592bdb272986b&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=Tlk3O7&pf_net=62&pf_srv=237&pf_tfr=29&pf_dm1=212&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Requested by

Host: matomo.nv.ua
URL: https://matomo.nv.ua/matomo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

145.239.137.124 Pontoise, France, ASN16276 (OVH, FR),

Reverse DNS

ip124.ip-145-239-137.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
referrer-policy: origin
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://ua-dapamoga24.site
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET icons.woff2
nv.ua/fonts/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 110ms
32ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 11:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1792
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 28 Jun 2023 13:04:41 GMT

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.2/dist/ 4 KB
2 KB 99ms
35ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.2/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655a9ea42476533d03fd7d46ca6c1e4dd6e8cf1c33b35bdbcf1c8101915c782b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1659008
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01G53K9W4VJ11AEYXBYRM97AEE-ams
server: cloudflare
etag: W/"1107-KNpy/vtQ6KfqWl7q5srbGEJyE5E"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7de59f0d2c7eb918-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
80 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6971976ca22bc4bdad6eb474d90bdf8b7c3ad032f68daf4e5d9fa9cbc925af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Jun 2023 11:34:33 GMT

GET noto-serif-v9-latin_cyrillic-ext-regular.ttf
nv.ua/fonts/noto/ 0
0

GET noto-serif-v9-latin_cyrillic-ext-700.ttf
nv.ua/fonts/noto/ 0
0

GET noto-sans-v12-latin_cyrillic-ext-700.ttf
nv.ua/fonts/noto/ 0
0

GET noto-sans-v12-latin_cyrillic-ext-regular.ttf
nv.ua/fonts/noto/ 0
0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/ 393 KB
125 KB 186ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 10:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4767
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127939
x-xss-protection: 0
server: cafe
etag: 10569078359274256513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 27 Jun 2024 10:15:06 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 40 B
586 B 227ms
97ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ua-dapamoga24.site

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81940b75cfa7cdc91ecba273ee9dece229f32444e857809d0ceb4ccb32583765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
expires: Wed, 28 Jun 2023 11:34:33 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 287 B
402 B 50ms
49ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=ua-dapamoga24.site
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 5e4e29c3d836627402aa7604bad002ee6a4dbfad47044a4681af1b9f361dc4f2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 287
expires: Fri, 28 Jul 2023 11:34:33 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame A57F 5 KB
3 KB 168ms
48ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: e4d74afb0a53c554559009f8d5ba16ef1c6491b297aa87f73a7294b4e54ea819

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2717
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:34:33 GMT
etag: PRIVATE7520710249
expires: Fri, 28 Jul 2023 11:34:33 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 346ms
112ms Preflight 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://ua-dapamoga24.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 28 Jun 2023 11:34:34 GMT
x-amzn-RequestId: e7e1fed2-3562-b546-baf7-e3d8a00cad33

GET
H2 200 geolocation.json Show response
cdn.membrana.media/ 3 B
646 B 109ms
44ms Fetch
text/plain 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/geolocation.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
cdn-edgestorageid: 723
cdn-storageserver: DE-571
cdn-cachedat: 06/27/2023 19:29:41
cdn-pullzone: 139012
x-ym-country: NL
content-length: 3
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 309
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "622b54c3-3"
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: x-ym-country, cdn-requestcountrycode
cache-control: public, max-age=86400
cdn-requestid: ea2952d9fa7161ad1607e78c05e82208
accept-ranges: bytes
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
558 B 185ms
120ms Fetch
application/x-amz-json-1.1 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: b726f301e2e1e15e3cd65eeaf43e6a33df9e770d760a094f6ead97532b5cb9ad

Request headers

Referer: https://ua-dapamoga24.site/
X-Amz-Target: Kinesis_20131202.PutRecord
accept-language: nl-NL,nl;q=0.9
X-Amz-Date: 20230628T113433Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20230628/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=cc496a173ed2b43fe2b8f42afbb26ca49f9552a4f03dba3a08ba3811dc057980
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 28 Jun 2023 11:34:34 GMT
x-amzn-RequestId: d85d4213-3dba-319a-854b-5f19ff452e4d
Content-Length: 110
x-amz-id-2: Fyig/oJwXL1yofF7J+gw9Nbn0zd6A+A5CA/BG/izs3jd3Dje2ZHXlD+yYP6iwikmerWYfs05LRxl3YRzxw8EW/mG9HO9BIBDqZGdCoaF9zg=
Content-Type: application/x-amz-json-1.1

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 304 KB
94 KB 33ms
32ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 6fae4ed0a66f2633c96a563664930fe629ef2cfefebc918ae9e865f07bc4101c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: br
cdn-edgestorageid: 722
cdn-storageserver: DE-572
cdn-cachedat: 06/27/2023 19:29:41
cdn-pullzone: 139012
last-modified: Fri, 23 Jun 2023 16:08:39 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 224
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6495c387-4bed8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 236e55b762158b772394e2a50bf710b5
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency_file.json Show response
cdn.membrana.media/ 177 B
872 B 86ms
33ms XHR
text/plain 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/currency_file.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 5d0621c2070a9d7573e90490b00e755eff7883088ed51ba2ad6b2269b79b00a9

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-storageserver: DE-575
cdn-cachedat: 06/28/2023 08:30:32
cdn-pullzone: 139012
last-modified: Wed, 28 Jun 2023 08:30:25 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 324
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"649befa1-b1"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-requestid: 4e9896dbeaf645280700803c0b23fafb
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

icm.gif
server.smartytech.io/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid=%7Buser_id%7D
https://server.smartytech.io/icm.gif?uid=433054cb-53c0-4327-80f7-cd738253f1e0

43 B
338 B

123ms
51ms

Image
image/gif

167.235.242.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.smartytech.io/icm.gif?uid=433054cb-53c0-4327-80f7-cd738253f1e0
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Server: 167.235.242.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.242.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
last-modified: Wed, 28 Jun 2023 11:34:34 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

location: https://server.smartytech.io/icm.gif?uid=433054cb-53c0-4327-80f7-cd738253f1e0
date: Wed, 28 Jun 2023 11:34:33 GMT
cache-control: no-store no-transform
server: nginx
content-length: 143
content-type: text/html; charset=utf-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 85ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=45je36q0&_p=1091357588&_gaz=1&cid=1970455335.1687952074&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687952073&sct=1&seg=0&dl=https%3A%2F%2Fua-dapamoga24.site%2F&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D0%B2%D1%96%D0%B4%20%D0%9E%D0%9E%D0%9D%202023%20%D1%80%D0%BE%D1%86%D1%96%20-%20%D1%85%D1%82%D0%BE%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%94%202%E2%80%89220%20%D0%B3%D1%80%D0%BD%20%D1%96%20%D1%8F%D0%BA%C2%A0%D0%BF%D0%BE%D0%B4%D0%B0%D1%82%D0%B8%20%D0%B7%D0%B0%D1%8F%D0%B2%D0%BA%D1%83%20%2F%20NV&en=page_view&_fv=1&_nsi=1&_ss=1&ep.is_paywall=0&epn.top_category_id=2283&ep.is_infinite=false&ep.is_evergreen=0&ep.paywall_user_id=0&ep.paywall_subscription=none&epn.EditorId=2000269&ep.allowLinker=true&up.paywall_user_id=0&up.paywall_subscription=none
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 104ms
34ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-52RSPD3WMK&cid=1970455335.1687952074&gtm=45je36q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 188ms
59ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-52RSPD3WMK&cid=1970455335.1687952074&gtm=45je36q0&aip=1&z=1521143517

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
533 B 204ms
120ms XHR
text/plain 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 469 B
1 KB 81ms
26ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-52-28-167-177.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

fad8377bf959fd8a1add536fd78352695398c8ac561779f3c30c41c4de932a59

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:33 GMT
AN-X-Request-Uuid: 9d5a128a-9e7e-4e69-bf2c-dccdc552b1ef
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 469
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
685 B 190ms
81ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416510&size_id=2&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fua-dapamoga24.site%2F&tg_i.page=https%3A%2F%2Fua-dapamoga24.site%2F&tg_i.domain=ua-dapamoga24.site&tk_flint=pbjs_lite_v7.35.0&x_source.tid=bdc06cf1-38c2-45ff-b4a5-14f434ea006c&l_pb_bid_id=12ad635fedad70f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4525676315140803
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 609d380103741c26bc45711bd1810dca06c5c30757f363fd854168dc82fc2e15

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ua-dapamoga24.site
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 352
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 373 B
706 B 140ms
31ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416552&size_id=15&alt_size_ids=10&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fua-dapamoga24.site%2F&tg_i.page=https%3A%2F%2Fua-dapamoga24.site%2F&tg_i.domain=ua-dapamoga24.site&tk_flint=pbjs_lite_v7.35.0&x_source.tid=52a3b45e-a9ec-4d6f-87bd-5a549c64c1a3&l_pb_bid_id=13d20ddfe0a1998&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.24019869066722355
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 932f7b8c4b30c953ad13ae4562d4aaa73f1511d3840b124ee6c780d13935a62d

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ua-dapamoga24.site
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 373
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 373 B
935 B 137ms
29ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416558&size_id=15&alt_size_ids=16&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fua-dapamoga24.site%2F&tg_i.page=https%3A%2F%2Fua-dapamoga24.site%2F&tg_i.domain=ua-dapamoga24.site&tk_flint=pbjs_lite_v7.35.0&x_source.tid=61a07c27-3293-4c12-927d-20a1e8e148b9&l_pb_bid_id=14c13e537ca1d9e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2179879515478551
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9d188e0034d72a43326c3cf83bd7e0337c2f527f5d94bf86a776b178b6c3402e

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ua-dapamoga24.site
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 373
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 373 B
707 B 138ms
30ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416586&size_id=15&alt_size_ids=16&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fua-dapamoga24.site%2F&tg_i.page=https%3A%2F%2Fua-dapamoga24.site%2F&tg_i.domain=ua-dapamoga24.site&tk_flint=pbjs_lite_v7.35.0&x_source.tid=338eb0a0-52ce-4146-9a38-93b8538736d4&l_pb_bid_id=151435a20e0c4e7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8819838666714981
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cdbc08470e79ca3550e9a7269d1f1e34ca6ba9ed7d989cfb089aa22126b914b1

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ua-dapamoga24.site
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 373
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 776 B
473 B 180ms
132ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8552,8574,8561,8566&sizes=728x90,300x250|300x600,300x250|336x280,300x250|336x280&referer=https%3A%2F%2Fua-dapamoga24.site%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 5ef0a63495c6585a66072225d87b3599c15831adc23e1a18f3082c60c0704378

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ua-dapamoga24.site
date: Wed, 28 Jun 2023 11:34:34 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
content-encoding: br
server: nginx
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
289 B 124ms
30ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 28 Jun 2023 11:34:33 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
588 B 129ms
32ms XHR
application/json 52.28.167.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fua-dapamoga24.site%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.167.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
accept-ch: sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
x-auction-status: 3, 3, 3, 3
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 400 cdb Show response
bidder.criteo.com/ 0
200 B 147ms
43ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=76156738097&lsavail=0

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://ua-dapamoga24.site
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
546 B 124ms
54ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=849843
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c8857f57c5200d78d4d43ed3f079ff8c5ecf0021bdfb46be785ea05a2733a2d

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8fU%2BiSgdBNsdqr79hITM%2BgqjHAgtuVirNYXscQDDTGqst5l9W4hPfsLk44uNOJHyNEck9w1ZFg%2FcCaBLizF13iGHNmWrtsXcyKbxdyzUn8fVsHExXafXHSM1r04qmwYb0LrTGY3"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7de59f0e88f80b6a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
405 B 84ms
29ms XHR
application/json 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 2d07bb2b66bad11827439054df8a304577119feb44245dc6167c6a02c369e950

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 28 Jun 2023 11:34:33 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 114ms
27ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ua-dapamoga24.site
date: Wed, 28 Jun 2023 11:34:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 adxprebid.1.2.aspx Show response
inv-nets.admixer.net/ 0
143 B 121ms
48ms XHR
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/adxprebid.1.2.aspx

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ua-dapamoga24.site
date: Wed, 28 Jun 2023 11:34:34 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
147 B 41ms
40ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1091357588&t=pageview&_s=1&dl=https%3A%2F%2Fua-dapamoga24.site%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D0%B2%D1%96%D0%B4%20%D0%9E%D0%9E%D0%9D%202023%20%D1%80%D0%BE%D1%86%D1%96%20-%20%D1%85%D1%82%D0%BE%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%94%202%E2%80%89220%20%D0%B3%D1%80%D0%BD%20%D1%96%20%D1%8F%D0%BA%C2%A0%D0%BF%D0%BE%D0%B4%D0%B0%D1%82%D0%B8%20%D0%B7%D0%B0%D1%8F%D0%B2%D0%BA%D1%83%20%2F%20NV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=2038608893&gjid=224906353&cid=1970455335.1687952074&uid=0&tid=UA-51943557-1&_gid=1146080196.1687952074&_slc=1&gtm=45He36q0n71WKM63L&cd2=0&cd3=2000269&cd4=not%20authorized&cd6=2023-06-25%2008%3A19%3A00&cd7=2283&cd8=0&cd9=0&cd10=0&cd11=0&cd12=none&cd16=B&z=1984619320

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 34ms
33ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-51943557-1&cid=1970455335.1687952074&jid=2038608893&uid=0&gjid=224906353&_gid=1146080196.1687952074&_u=YCDAgEABAAAAAGAAI~&z=2092787728

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Jun 2023 11:34:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 33ms
33ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1091357588&t=event&ni=1&_s=1&dl=https%3A%2F%2Fua-dapamoga24.site%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D0%B2%D1%96%D0%B4%20%D0%9E%D0%9E%D0%9D%202023%20%D1%80%D0%BE%D1%86%D1%96%20-%20%D1%85%D1%82%D0%BE%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%94%202%E2%80%89220%20%D0%B3%D1%80%D0%BD%20%D1%96%20%D1%8F%D0%BA%C2%A0%D0%BF%D0%BE%D0%B4%D0%B0%D1%82%D0%B8%20%D0%B7%D0%B0%D1%8F%D0%B2%D0%BA%D1%83%20%2F%20NV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=https%3A%2F%2Fua-dapamoga24.site%2F&ev=568&_u=YCDAgEABAAAAAGAAI~&jid=&gjid=&cid=1970455335.1687952074&uid=0&tid=UA-51943557-1&_gid=1146080196.1687952074&gtm=45He36q0n71WKM63L&cd2=0&cd3=2000269&cd4=not%20authorized&cd6=2023-06-25%2008%3A19%3A00&cd7=2283&cd8=0&cd9=0&cd10=0&cd11=0&cd12=none&cd16=B&z=149182591

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 03:50:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27869
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 320ms
112ms Preflight 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://ua-dapamoga24.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 28 Jun 2023 11:34:34 GMT
x-amzn-RequestId: c4027f9a-e5b6-f3e8-9914-629070d8eb9d

GET
H2 200 geolocation.json Show response
cdn.membrana.media/ 3 B
647 B 34ms
34ms Fetch
text/plain 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/geolocation.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:33 GMT
cdn-edgestorageid: 723
cdn-storageserver: DE-571
cdn-cachedat: 06/27/2023 19:29:41
cdn-pullzone: 139012
x-ym-country: NL
content-length: 3
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 309
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "622b54c3-3"
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: x-ym-country, cdn-requestcountrycode
cache-control: public, max-age=86400
cdn-requestid: 39e0b4502a4f10304642810e7af02339
accept-ranges: bytes
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 204 vast Show response
server.smartytech.io/ 0
252 B 159ms
47ms XHR
text/plain 167.235.242.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://server.smartytech.io/vast?id=28&referer=https%3A%2F%2Fua-dapamoga24.site%2F

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.235.242.31 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.31.242.235.167.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ua-dapamoga24.site
date: Wed, 28 Jun 2023 11:34:34 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
x-content-type-options: nosniff
server: nginx

GET
H2 204 vpaid Show response
server.smartytech.io/ 0
251 B 163ms
52ms XHR
text/plain 167.235.242.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://server.smartytech.io/vpaid?id=36&referer=https%3A%2F%2Fua-dapamoga24.site%2F

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.235.242.31 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.31.242.235.167.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ua-dapamoga24.site
date: Wed, 28 Jun 2023 11:34:34 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
x-content-type-options: nosniff
server: nginx

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
558 B 157ms
157ms Fetch
application/x-amz-json-1.1 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 55ba7679f51eb2483e439600124f8cefda0e495d18d93d66e856b763c863b7c3

Request headers

Referer: https://ua-dapamoga24.site/
X-Amz-Target: Kinesis_20131202.PutRecord
accept-language: nl-NL,nl;q=0.9
X-Amz-Date: 20230628T113433Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20230628/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=3890df0319dfe5afe64ae8e5c84ebecc35b0e42f108fc96c28535f7aecd198c6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 28 Jun 2023 11:34:34 GMT
x-amzn-RequestId: d8bde50d-abb0-5335-85ab-f8073ede4b40
Content-Length: 110
x-amz-id-2: 4qPR0DyUuoF0VRei6QGC8MaubWiWekBEf/VznYmYaL3X6oIfs3Iv/Z3Go4KcxPY95K+zL4I+HotRo9PACPbXfdkJ2+y3RRQZASLvl5sKIG8=
Content-Type: application/x-amz-json-1.1

POST
H2 200 load_playlist_attempt
ym-tack.b-cdn.net/ 0
0 444ms
369ms Ping
text/html 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/load_playlist_attempt?sellbe;NVR;https://cdn.membrana.media/video/nvr/ukr_desktop/videoSources.json;4e43fa2d-5937-4ee3-bd71-986d62dbc564
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 videoSources.json Show response
cdn.membrana.media/video/nvr/ukr_desktop/ 1 KB
1 KB 42ms
42ms XHR
text/plain 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/nvr/ukr_desktop/videoSources.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 31861a7106ddc56a6c73522f3e23fb7c36ef06e4c83413c6430f9b1931417f2f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:34 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-storageserver: DE-164
cdn-cachedat: 06/27/2023 19:30:03
cdn-pullzone: 139012
last-modified: Mon, 26 Jun 2023 20:30:36 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 405
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6499f56c-5d6"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: dd18de9366a6945862d91bb93e3afa9f
timing-allow-origin: *
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video-js.min.css
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 39 KB
11 KB 623ms
311ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video-js.min.css

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 11:34:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 9066890
x-jsd-version: 7.10.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10636
x-served-by: cache-fra-eddf8230071-FRA, cache-bom4735-BOM
x-jsd-version-type: version
etag: W/"9c74-gctcuC69YhaG/DD9GQ5wdLQgH0k"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 video.min.js Show response
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 507 KB
144 KB 467ms
156ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video.min.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

afdc0c9d333535763aa9bd3dfd8774ce5e91e25d7f88f94ed04dbcf15a37422a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 11:34:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4971544
x-jsd-version: 7.10.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 147322
x-served-by: cache-fra-eddf8230060-FRA, cache-bom4735-BOM
x-jsd-version-type: version
etag: W/"7ea72-NUHhQfHLDs+4qjHF6W3MzXuUrNc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 219ms
86ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51943557-1&cid=1970455335.1687952074&jid=2038608893&_u=YCDAgEABAAAAAGAAI~&z=1340066939

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 68ms
58ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51943557-1&cid=1970455335.1687952074&jid=2038608893&_u=YCDAgEABAAAAAGAAI~&z=1340066939

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1687952074023/
Redirect Chain

https://gaua.hit.gemius.pl/_1687952074023/rexdot.js?l=100&sendf=24&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua-dapa...
https://gaua.hit.gemius.pl/__/_1687952074023/rexdot.js?l=100&sendf=24&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua-d...

169 B
428 B

138ms
138ms

Script
application/x-javascript

51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1687952074023/rexdot.js?l=100&sendf=24&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua-dapamoga24.site%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=NzUrhl6R4YHjxCT6Q.WfMxLiI6LhoVtuIKjqwe2FVNP.x7ecZsObox3ep.xdn8jIUCFBbmVg8aVBnEzkNLoTJhyeZMdM/trwLw7wQfraPG/&fpdata=Dw56KzysLxmOLYuTOja__3kFygGy6RFx_9zwxIX78VP.c7&ltime=236&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=649c1ac92ece4fe5&brts=1687952074&fpcap=
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 8b48b1cc2bcb06c0416a15731713dbd3689da285246ca2eb5cb2c6b1a5699a21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Tue, 27 Jun 2023 11:34:34 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:34 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1687952074023/rexdot.js?l=100&sendf=24&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua-dapamoga24.site%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=NzUrhl6R4YHjxCT6Q.WfMxLiI6LhoVtuIKjqwe2FVNP.x7ecZsObox3ep.xdn8jIUCFBbmVg8aVBnEzkNLoTJhyeZMdM/trwLw7wQfraPG/&fpdata=Dw56KzysLxmOLYuTOja__3kFygGy6RFx_9zwxIX78VP.c7&ltime=236&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=649c1ac92ece4fe5&brts=1687952074&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 27 Jun 2023 11:34:34 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 290ms
112ms Preflight 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://ua-dapamoga24.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 28 Jun 2023 11:34:34 GMT
x-amzn-RequestId: d29e1d8b-b1ef-d235-8f88-0081e806a369

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
558 B 118ms
118ms Fetch
application/x-amz-json-1.1 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 139982534b7d9979df4d3d8821d665d08e64aa70269eb15543441dc4354fe130

Request headers

Referer: https://ua-dapamoga24.site/
X-Amz-Target: Kinesis_20131202.PutRecord
accept-language: nl-NL,nl;q=0.9
X-Amz-Date: 20230628T113434Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20230628/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=acf75f60399432f2180dd82363abbee48df37528cb2cfeb34f32e5cb8ec7531a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 28 Jun 2023 11:34:34 GMT
x-amzn-RequestId: ddfc62ce-1c88-b05c-80ea-7fc44561c100
Content-Length: 110
x-amz-id-2: ri23ibAhQfbw9p+yvReOBi9wOhGFbbjLNDqcSv4grxrsYTezWA1jstvHEMh9GoP/iKaZr2uEE+4H1QQxBb4G60EELY4Bi6nq2hHjC4xFDx0=
Content-Type: application/x-amz-json-1.1

POST
H2 200 load_playlist_success
ym-tack.b-cdn.net/ 0
0 78ms
48ms Ping
text/html 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/load_playlist_success?sellbe;NVR;https://cdn.membrana.media/video/nvr/ukr_desktop/videoSources.json;4e43fa2d-5937-4ee3-bd71-986d62dbc564
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 116ms
42ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ua-dapamoga24.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 710 B
736 B 107ms
106ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2576535857942620&correlator=832670545883214&eid=31073863%2C31075615&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=271925883%2Cnew_nv_brending&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=554646312&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2285%26section%3D2283%26article_id%3D50334088%26is_paywall%3Dfalse%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1687952074134&lmt=1687952074&dlt=1687952073329&idt=772&adxs=-160&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fua-dapamoga24.site%2F&frm=20&vis=1&psz=1600x0&msz=1920x-1&fws=512&ohw=0&ga_vid=1970455335.1687952074&ga_sid=1687952074&ga_hid=1091357588&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

579dbf4144ac668a0dd065e5edacfce1af7123658d13e0d0eca8ac3055710b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 363
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BBE7 6 KB
3 KB 140ms
40ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:34:34 GMT
expires: Thu, 27 Jun 2024 11:34:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
12 KB 998ms
996ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2576535857942620&correlator=832670545883214&eid=31073863%2C31075615&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=271925883%2CNVR_ATF_728&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90&fluid=height&ifi=2&adks=1075549639&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2285%26section%3D2283%26article_id%3D50334088%26is_paywall%3Dfalse%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1687952074176&lmt=1687952074&dlt=1687952073329&idt=772&adxs=281&adys=510&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fua-dapamoga24.site%2F&frm=20&vis=1&psz=751x90&msz=728x0&fws=0&ohw=0&ga_vid=1970455335.1687952074&ga_sid=1687952074&ga_hid=1091357588&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9349d2554a3c206b0613cd2ff4f644d4ebbea63f92808ddc4dd07172c6e5cb52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11953
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ua-dapamoga24.site
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
12 KB 1217ms
1215ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2576535857942620&correlator=832670545883214&eid=31073863%2C31075615&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=271925883%2CNVR_SBR_300_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=3&adks=3201223366&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2285%26section%3D2283%26article_id%3D50334088%26is_paywall%3Dfalse%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1687952074180&lmt=1687952074&dlt=1687952073329&idt=772&adxs=1065&adys=425&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fua-dapamoga24.site%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=1970455335.1687952074&ga_sid=1687952074&ga_hid=1091357588&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f51c3189dc0ba2a5ea36883095d4930be678f33daedcb2b58cca7b637975072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12036
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ua-dapamoga24.site
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 632 B
465 B 382ms
381ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2576535857942620&correlator=832670545883214&eid=31073863%2C31075615&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=271925883%2CNVR_ITA_336_L_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=4&adks=1095840090&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2285%26section%3D2283%26article_id%3D50334088%26is_paywall%3Dfalse%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1687952074185&lmt=1687952074&dlt=1687952073329&idt=772&adxs=307&adys=3238&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fua-dapamoga24.site%2F&frm=20&vis=1&psz=751x280&msz=300x0&fws=0&ohw=0&ga_vid=1970455335.1687952074&ga_sid=1687952074&ga_hid=1091357588&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10a240b0e12bd8c1d5a83bf8c7e4cbceb6d887141baf1a850ec8fd8144808215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 287
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 632 B
462 B 825ms
824ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2576535857942620&correlator=832670545883214&eid=31073863%2C31075615&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=271925883%2CNVR_ITA_336_R_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=5&adks=4062664702&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2285%26section%3D2283%26article_id%3D50334088%26is_paywall%3Dfalse%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1687952074189&lmt=1687952074&dlt=1687952073329&idt=772&adxs=683&adys=3238&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fua-dapamoga24.site%2F&frm=20&vis=1&psz=751x280&msz=300x0&fws=0&ohw=0&ga_vid=1970455335.1687952074&ga_sid=1687952074&ga_hid=1091357588&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c91ec11c4c97895064fab1b77c78921e47c0be1ce957249788f06a9820b7722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 125ms
43ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Wed, 28 Jun 2023 11:34:34 GMT

GET
BLOB 200
OK a9e4751d-f5bb-44e8-8d12-8f5b36ce14df
https://ua-dapamoga24.site/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ua-dapamoga24.site/a9e4751d-f5bb-44e8-8d12-8f5b36ce14df
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 106ms
51ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Jun 2023 11:34:34 GMT

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 102ms
51ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Jun 2023 11:34:35 GMT

GET
H2 200 videojs.ads.css
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 975 B
432 B 157ms
155ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.css

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 11:34:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 9066891
x-jsd-version: 6.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 316
x-served-by: cache-fra-eddf8230065-FRA, cache-bom4735-BOM
x-jsd-version-type: version
etag: W/"3cf-QkYNpQ1t+HGGuQzDGS8mZdpVWDg"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 videojs.ads.min.js Show response
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 27 KB
8 KB 155ms
154ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.min.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 11:34:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 9066892
x-jsd-version: 6.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7757
x-served-by: cache-fra-eddf8230041-FRA, cache-bom4735-BOM
x-jsd-version-type: version
etag: W/"6a3c-OUUBKv7icoV/OxPeKLpcAlpHAGg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 videojs.ima.min.css
cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/ 3 KB
1 KB 155ms
154ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/videojs.ima.min.css

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

479a52faa72664b9318911a1f3cd1a082dd169090b9bf688fbf54981a7544f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 11:34:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 9066890
x-jsd-version: 1.9.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1033
x-served-by: cache-fra-eddf8230089-FRA, cache-bom4735-BOM
x-jsd-version-type: version
etag: W/"a4e-O74oHTnsIDZGOCZu1d1V6JdzQ/o"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 videojs.ima.mod.min.js Show response
cdn.membrana.media/video/vast.vpaid/ 35 KB
8 KB 40ms
40ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/vast.vpaid/videojs.ima.mod.min.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 5592ad11c9602028561e12b5d951d8928b9ef7676e9a3b5e91b1a05e28d47678

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: br
cdn-edgestorageid: 863
cdn-storageserver: DE-165
cdn-cachedat: 06/27/2023 19:29:41
cdn-pullzone: 139012
last-modified: Fri, 24 Feb 2023 11:28:26 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 406
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63f89f5a-8b5f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 80af4ed3cafb7f94231304186b0ca20e
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs_5.vast.vpaid.js Show response
cdn.membrana.media/video/vast.vpaid/ 136 KB
46 KB 33ms
33ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/vast.vpaid/videojs_5.vast.vpaid.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?d2fcd4|032493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 39796eaad0e0fa6be6905934cba22915fce7d551058bd2c0afed7c8dfdaab3a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: br
cdn-edgestorageid: 1078
cdn-storageserver: DE-167
cdn-cachedat: 06/27/2023 19:29:41
cdn-pullzone: 139012
last-modified: Thu, 11 May 2023 13:52:38 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 37
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"645cf326-21e57"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: a95dd03d86645dad5bb497533b4a19a2
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306200257000/ Frame C08C 222 KB
61 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 152469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61862
x-xss-protection: 0
server: sffe
etag: "bf95dc6813023782"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame C08C 15 KB
6 KB 116ms
35ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 152469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5232
x-xss-protection: 0
server: sffe
etag: "b6c1e0819a00bf67"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame C08C 94 KB
28 KB 178ms
97ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 152469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28873
x-xss-protection: 0
server: sffe
etag: "75041cf86819093a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame C08C 5 KB
2 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 152469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5f86339daf79d63d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame C08C 40 KB
13 KB 190ms
109ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 152469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "bf1167c9eaa58b59"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
DATA 200
OK truncated
/ Frame C08C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52a827f231446f72307ce00ebb5385806edf38e6ccd5eb2d66889016699ed0ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 11170998625862094589
tpc.googlesyndication.com/simgad/ Frame C08C 8 KB
9 KB 109ms
36ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11170998625862094589?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmEFVn_fy0S70Empq81mYxWzQAQbA

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fe7ab9a2b1d3153e9650da5c078341858c16e4ab1c2b50aa907b4b2a4b26fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 21:05:00 GMT
x-content-type-options: nosniff
age: 397775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8472
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 18:51:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Jun 2024 21:05:00 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C08C 2 KB
3 KB 107ms
34ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 10:39:29 GMT
x-content-type-options: nosniff
server: cafe
age: 3306
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Jun 2023 10:39:29 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C08C 295 B
663 B 106ms
34ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 10:39:27 GMT
x-content-type-options: nosniff
server: cafe
age: 3308
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Jun 2023 10:39:27 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C08C 0
0 104ms
104ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdV1uyhqcZJzGO6OfnsEPkr25iArh9aKicJvumZigERQQASD0-edjYJGEoIWMGKAB7LPywAHIAQLgAgCoAwHIAwiqBOoBT9BOe2GYUlci3B8izwobW1YnFJDMqDMF8WTEbEnyoZ47gcWPN9dgtNZnUw86i2QgiJa5tkYDqhQWxLiAldhmPJIGco7w94jXGeAuwJbkPeJ1GztvzIZt9R7t0u6N6nvXxBNTYN0EqXFJRlXb77uakcS2cYphV3BNE8Afl75qCA7iX8wSZlkZhrgeyOQfDv1Mr3CM2eCBudrXITr-IJGzv98ccnH_MlaWqTtfgON7PaKROLTcGUK246ogtfKWH934Cu4jWyVbcNIEJBnBGBQCtw1RTWZ1yAdI1owltGeowth_ZnPhrYufMBLAwATf5Jz1tgTgBAGSBQQIBBgBkgUECAUYBKAGAoAH_MuNvwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCRwAjSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTQxMDQ0OTE4MTA3MTMxNTAYg5sa&sigh=771w63PEodU&uach_m=[UACH]&cid=CAQSTABygQiD3h0ZVGh0IAKsAnHwOM0MH4DdvOE4nlsdiUM29dnx52I3EFKlbOz0qve8iJPwdWCDDMI6sFtxUno8_XfNfDpvXf1o_KNpX_MYAQ
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=45je36q0&_p=1091357588&cid=1970455335.1687952074&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1687952073&sct=1&seg=0&dl=https%3A%2F%2Fua-dapamoga24.site%2F&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D0%B2%D1%96%D0%B4%20%D0%9E%D0%9E%D0%9D%202023%20%D1%80%D0%BE%D1%86%D1%96%20-%20%D1%85%D1%82%D0%BE%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%94%202%E2%80%89220%20%D0%B3%D1%80%D0%BD%20%D1%96%20%D1%8F%D0%BA%C2%A0%D0%BF%D0%BE%D0%B4%D0%B0%D1%82%D0%B8%20%D0%B7%D0%B0%D1%8F%D0%B2%D0%BA%D1%83%20%2F%20NV&en=Web%20Vitals&ep.is_paywall=0&epn.top_category_id=2283&ep.is_infinite=false&ep.is_evergreen=0&ep.paywall_user_id=0&ep.paywall_subscription=none&epn.EditorId=2000269&ep.allowLinker=true&ep.eventAction=FCP&epn.eventValue=568&ep.eventLabel=https%3A%2F%2Fua-dapamoga24.site%2F&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nv-own8-14403-20230626.webp
membrana-cdn.media/nvr/ukr_desktop/ 41 KB
41 KB 380ms
176ms Image
image/webp 91.194.251.83
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://membrana-cdn.media/nvr/ukr_desktop/nv-own8-14403-20230626.webp

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.194.251.83 Kyiv, Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

e59bc3f95612676055f9443cf98af615ca5692b8c6529121b8787bc88b6a8ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
strict-transport-security: max-age=63072000
last-modified: Mon, 26 Jun 2023 20:16:22 GMT
server: nginx
etag: "6499f216-a402"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 41986
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://ua-dapamoga24.site
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3C15 709 KB
226 KB 34ms
33ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 103950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 06:42:05 GMT
expires: Wed, 26 Jun 2024 06:42:05 GMT
last-modified: Wed, 07 Jun 2023 16:35:26 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 186ms
59ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 11:34:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 45ms
44ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ua-dapamoga24.site

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306200257000/ Frame 3216 222 KB
61 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 152469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61862
x-xss-protection: 0
server: sffe
etag: "bf95dc6813023782"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 3216 15 KB
5 KB 51ms
48ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 152469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5232
x-xss-protection: 0
server: sffe
etag: "b6c1e0819a00bf67"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 3216 94 KB
28 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 152469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28873
x-xss-protection: 0
server: sffe
etag: "75041cf86819093a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 3216 5 KB
2 KB 66ms
64ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 152469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5f86339daf79d63d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 3216 40 KB
13 KB 68ms
65ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 152469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "bf1167c9eaa58b59"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3216 2 KB
3 KB 46ms
44ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 10:39:29 GMT
x-content-type-options: nosniff
server: cafe
age: 3306
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Jun 2023 10:39:29 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3216 295 B
353 B 46ms
44ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 10:39:27 GMT
x-content-type-options: nosniff
server: cafe
age: 3308
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Jun 2023 10:39:27 GMT

GET
DATA 200
OK truncated
/ Frame 3216 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ec447a406c039cd6deb4a844bad2285fb806e78f5706d6afb4847f695fcaaed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1640450815325365484
tpc.googlesyndication.com/simgad/ Frame 3216 72 KB
72 KB 45ms
44ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1640450815325365484?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkfKfM81mrKPbsTFqDJhkGikDSG9g

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17ca92f9208d83340fcd225cf97fa508058156ced116530e71a2004a044bcd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 12:53:54 GMT
x-content-type-options: nosniff
age: 254441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73833
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 19:34:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 24 Jun 2024 12:53:54 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3216 0
0 142ms
142ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9KMhyxqcZMSNCNuznsEPupCN-AylgMOgccqk6s_SEdakzrDpPBABIPT552NgkYSghYwYoAGAu8H6AsgBAqkCBwIVybBesj7gAgCoAwHIAwiqBPwBT9DreVRLLnfFWqk4LrK45InU5rOCUB6K6BnpURAYQljde92Nxdhz5-zlWi2FuLgDwY3NKaHu_0FThEysyfG6afsFuggoCEn4HP2Jfegj_QwnUWI7-BEqlSIrUKZlrMcJ1AoIQCs9w6Ph4IJRbHKqpxbijk6f-r4xjiOwRXf3gS6JZYoDWzLJQQc6Zsw7H7Ky4uxRBHEUgQ87p1SthR_ilyaD59uHzVZb9ZkHySHjEltQDlud9IUBWH_URM7HzQOnhLyEz3if51-__Ods1kRuy_HdYknNotCkBbMP7mZzbeaVvzrLip4Yi_-b9itlTe-P-wAcUt2k-apORFbfwASYvLKXugTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH6MS-hQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC50hbSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTQxMDQ0OTE4MTA3MTMxNTAYg5sa&sigh=UR9kT17t-PA&uach_m=[UACH]&cid=CAQSTABygQiDG5rpvluk8biOSbUTaP0Hv7gFaVFxes-CsSWNICuLadkgqYVpLNPEGJ0ll2jBHwNApFCdHydVOVm_eg7S3EiRtV3mDEP--sQYAQ
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C08C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

70ms
69ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Wed, 28 Jun 2023 11:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3C15 156 B
142 B 101ms
101ms XHR
text/xml 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=151118282248818&sz=400x300%7C640x480%7C480x360%7C1024x768&url=https%3A%2F%2Fua-dapamoga24.site%2F&npa=0&tfcd=0&description_url=https%3A%2F%2Fua-dapamoga24.site%2F&iu=%2F22308795431%2C271925883%2FNVR_DESKTOP_VIDEO%2FNVR_DESKTOP_VIDEO_SUPER_HIGH&cust_params=notsy_v_meta_round%3D1%26notsy_v_round%3D1%26video_request_time%3D3%26mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2285%26section%3D2283%26article_id%3D50334088%26is_paywall%3Dfalse%26page_id%3Dpage_desktop%26traffic_source%3Ddirect%26notsy_pf%3De35344&ad_rule=0&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.0&sdki=445&ptt=20&adk=58621159&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&media_url=https%3A%2F%2Fmembrana-cdn.media%2Fnvr%2Fukr_desktop%2Fnv-own8-14403-20230626-desktop.mp4&sid=22F88C2C-B419-443A-A332-0D98C016A090&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&dt=1687952075567&cookie=ID%3D952b273f050789c7%3AT%3D1687952074%3ART%3D1687952074%3AS%3DALNI_MZN4nWuirP3coyMfbYyRLprZvnKMw&gpic=UID%3D00000c5e957fd416%3AT%3D1687952074%3ART%3D1687952074%3AS%3DALNI_MYsWlp_t8pLvbh5Kwz3dfsmhhZ0lw&scor=2829749691768922&ged=ve4_td3_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3216
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

75ms
74ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/
Protocol: H2
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Wed, 28 Jun 2023 11:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 3C15 0
234 B 98ms
29ms Ping
image/gif 2a00:1450:4013:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ljfn30z4&c=4161993301797&slotId=2080996650898.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c00::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
532 B 124ms
123ms XHR
text/plain 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 B
289 B 108ms
30ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 28 Jun 2023 11:34:34 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 10 KB
8 KB 131ms
131ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-52-28-167-177.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

4a520f82847b220623191b15eeaf35249274313792bc3d6cd02642b3d60974f0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 28 Jun 2023 11:34:35 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ae04089b-2628-4ca8-b61b-97dedeb1fefa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 173 B
405 B 147ms
34ms XHR
application/json 54.93.223.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.223.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-223-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b4047a9ad7d523d9895103522092f911e9fdaf7762286b539795c5fbf76e1f42

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: gzip
x-prebid: pbs-java/1.121.0
content-type: application/json
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
333 B 57ms
56ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=864842
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c19c640ea87015dc384e1d5c1eaf387031ef63e87f9d52e392a6e6e381c0c5

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NY1N49cZf7y7tiL29X75ZZ8zJKfh3smbY3BOVa9Dnyej5X3wnLgKUatGPpr8%2BH4inPVF9gwkwlAD7i4dr%2FHCmjRtVfHY%2B6xAh70mkJI4J6bGt%2Bi17qVYHC9tscW9RKkMuXhDT6J"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7de59f192ef40b6a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
542 B 32ms
32ms XHR
application/json 52.28.167.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fua-dapamoga24.site%2F&tmax=2000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.167.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:35 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status: 3
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
405 B 27ms
27ms XHR
application/json 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 15fbf7427680ab5579ed803957068c442c087f561c4754359fa19ed26fcc45fb

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 28 Jun 2023 11:34:35 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 27ms
27ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ua-dapamoga24.site
date: Wed, 28 Jun 2023 11:34:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 adxprebid.1.2.aspx Show response
inv-nets.admixer.net/ 0
142 B 33ms
32ms XHR
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/adxprebid.1.2.aspx

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ua-dapamoga24.site
date: Wed, 28 Jun 2023 11:34:35 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 156ms
82ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9811dbb5f6e43eeb0d9cf8409bad72f2e892c1910e58f54b3a15b67309fb687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11336
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5D58 15 KB
6 KB 85ms
28ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua-dapamoga24.site

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:34:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 218516
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 29ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=45je36q0&_p=1091357588&cid=1970455335.1687952074&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1687952073&sct=1&seg=0&dl=https%3A%2F%2Fua-dapamoga24.site%2F&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D0%B2%D1%96%D0%B4%20%D0%9E%D0%9E%D0%9D%202023%20%D1%80%D0%BE%D1%86%D1%96%20-%20%D1%85%D1%82%D0%BE%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%94%202%E2%80%89220%20%D0%B3%D1%80%D0%BD%20%D1%96%20%D1%8F%D0%BA%C2%A0%D0%BF%D0%BE%D0%B4%D0%B0%D1%82%D0%B8%20%D0%B7%D0%B0%D1%8F%D0%B2%D0%BA%D1%83%20%2F%20NV&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 33ms
33ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1091357588&t=event&ni=1&_s=1&dl=https%3A%2F%2Fua-dapamoga24.site%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D0%B2%D1%96%D0%B4%20%D0%9E%D0%9E%D0%9D%202023%20%D1%80%D0%BE%D1%86%D1%96%20-%20%D1%85%D1%82%D0%BE%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%94%202%E2%80%89220%20%D0%B3%D1%80%D0%BD%20%D1%96%20%D1%8F%D0%BA%C2%A0%D0%BF%D0%BE%D0%B4%D0%B0%D1%82%D0%B8%20%D0%B7%D0%B0%D1%8F%D0%B2%D0%BA%D1%83%20%2F%20NV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=https%3A%2F%2Fua-dapamoga24.site%2F&ev=371&_u=aCDAgEABAAAAAGAAI~&jid=&gjid=&cid=1970455335.1687952074&uid=0&tid=UA-51943557-1&_gid=1146080196.1687952074&gtm=45He36q0n71WKM63L&cd2=0&cd3=2000269&cd4=not%20authorized&cd6=2023-06-25%2008%3A19%3A00&cd7=2283&cd8=0&cd9=0&cd10=0&cd11=0&cd12=none&cd16=B&z=267986254

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 06:27:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18408
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 33ms
33ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1091357588&t=event&ni=1&_s=1&dl=https%3A%2F%2Fua-dapamoga24.site%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D0%B2%D1%96%D0%B4%20%D0%9E%D0%9E%D0%9D%202023%20%D1%80%D0%BE%D1%86%D1%96%20-%20%D1%85%D1%82%D0%BE%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%94%202%E2%80%89220%20%D0%B3%D1%80%D0%BD%20%D1%96%20%D1%8F%D0%BA%C2%A0%D0%BF%D0%BE%D0%B4%D0%B0%D1%82%D0%B8%20%D0%B7%D0%B0%D1%8F%D0%B2%D0%BA%D1%83%20%2F%20NV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20Main%20Page&ea=500px&_u=aCDAgEABAAAAAGAAI~&jid=&gjid=&cid=1970455335.1687952074&uid=0&tid=UA-51943557-1&_gid=1146080196.1687952074&gtm=45He36q0n71WKM63L&cd2=0&cd3=2000269&cd4=not%20authorized&cd6=2023-06-25%2008%3A19%3A00&cd7=2283&cd8=0&cd9=0&cd10=0&cd11=0&cd12=none&cd16=B&z=622404887

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 06:27:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18408
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
34ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1091357588&t=event&ni=1&_s=1&dl=https%3A%2F%2Fua-dapamoga24.site%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D0%B2%D1%96%D0%B4%20%D0%9E%D0%9E%D0%9D%202023%20%D1%80%D0%BE%D1%86%D1%96%20-%20%D1%85%D1%82%D0%BE%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%94%202%E2%80%89220%20%D0%B3%D1%80%D0%BD%20%D1%96%20%D1%8F%D0%BA%C2%A0%D0%BF%D0%BE%D0%B4%D0%B0%D1%82%D0%B8%20%D0%B7%D0%B0%D1%8F%D0%B2%D0%BA%D1%83%20%2F%20NV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20Main%20Page&ea=1000px&_u=aCDAgEABAAAAAGAAI~&jid=&gjid=&cid=1970455335.1687952074&uid=0&tid=UA-51943557-1&_gid=1146080196.1687952074&gtm=45He36q0n71WKM63L&cd2=0&cd3=2000269&cd4=not%20authorized&cd6=2023-06-25%2008%3A19%3A00&cd7=2283&cd8=0&cd9=0&cd10=0&cd11=0&cd12=none&cd16=B&z=59544722

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 06:27:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18408
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cache Show response
prebid.adnxs.com/pbc/v1/ 63 B
328 B 107ms
26ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbc/v1/cache
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: 176e714061f0db61c7cf0562d84ac152d6cb0dde53b46f1215f4c6c3fbeae9a8

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 28 Jun 2023 11:34:35 GMT
Server: nginx/1.21.3
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 63

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5D58
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ua-dapamoga24.site&sn=ChromeSyncframe&so=0&topUrl=ua-dapamoga24.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=1tP5AHxjd3UwWlZJUitIR0xESFRzRUJDeGpXVSt2TUIrN3FpQTUvMUdIeGdsQUl2eElTdWRuOFRrSVpZSGZ5YlUzdmxTK2VLWE5GT1RFQXh2a2FuOUhmdWpqbzBoY3RPL2c0QWh5eS9yZ3l6U3VTWkRDeVR5U2JkSmNLVD...

457 B
677 B

103ms
29ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=1tP5AHxjd3UwWlZJUitIR0xESFRzRUJDeGpXVSt2TUIrN3FpQTUvMUdIeGdsQUl2eElTdWRuOFRrSVpZSGZ5YlUzdmxTK2VLWE5GT1RFQXh2a2FuOUhmdWpqbzBoY3RPL2c0QWh5eS9yZ3l6U3VTWkRDeVR5U2JkSmNLVDRVUVJYV296RHJFbnlsR0tTQVRweUYzYTByY2w4b3dPaXp6UXRvZG1SbXpyQWlpcHgyRGRrZ1NCNFZ5V2pKRkkwRFdVQ1dMenpGMWFORm5QYTl4NWJudGd5dTFVSmEyOGVESjAvNHZxQmZWaFRQeDhJWlRyVzc3cnhyM05YWjkwOW1ETzNDTitMd3d2UXdDVmQydDY0UkRqb09EemxuUT09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

37dbaf0d597ff43a6d58a8ad718f349bcbfcc93c9bc08b8f70b3b8f90a74a36f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1232752
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=1tP5AHxjd3UwWlZJUitIR0xESFRzRUJDeGpXVSt2TUIrN3FpQTUvMUdIeGdsQUl2eElTdWRuOFRrSVpZSGZ5YlUzdmxTK2VLWE5GT1RFQXh2a2FuOUhmdWpqbzBoY3RPL2c0QWh5eS9yZ3l6U3VTWkRDeVR5U2JkSmNLVDRVUVJYV296RHJFbnlsR0tTQVRweUYzYTByY2w4b3dPaXp6UXRvZG1SbXpyQWlpcHgyRGRrZ1NCNFZ5V2pKRkkwRFdVQ1dMenpGMWFORm5QYTl4NWJudGd5dTFVSmEyOGVESjAvNHZxQmZWaFRQeDhJWlRyVzc3cnhyM05YWjkwOW1ETzNDTitMd3d2UXdDVmQydDY0UkRqb09EemxuUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 224641
content-length: 0
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 11:34:35 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ua-dapamoga24.site

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3C15 156 B
142 B 104ms
104ms XHR
text/xml 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=4289165277555293&sz=400x300%7C640x480%7C480x360%7C1024x768&url=https%3A%2F%2Fua-dapamoga24.site%2F&npa=0&tfcd=0&description_url=https%3A%2F%2Fua-dapamoga24.site%2F&iu=%2F22308795431%2C271925883%2FNVR_DESKTOP_VIDEO%2FNVR_DESKTOP_VIDEO_HIGH&cust_params=notsy_v_meta_round%3D1%26notsy_v_round%3D1%26video_request_time%3D3%26mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2285%26section%3D2283%26article_id%3D50334088%26is_paywall%3Dfalse%26page_id%3Dpage_desktop%26traffic_source%3Ddirect%26notsy_pf%3D150d71&ad_rule=0&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.0&sdki=445&ptt=20&adk=58621159&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&media_url=https%3A%2F%2Fmembrana-cdn.media%2Fnvr%2Fukr_desktop%2Fnv-own8-14403-20230626-desktop.mp4&sid=22F88C2C-B419-443A-A332-0D98C016A090&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&dlt=1687952073329&idt=2144&dt=1687952075936&cookie=ID%3D9f6ed587dfee2aff%3AT%3D1687952074%3ART%3D1687952074%3AS%3DALNI_MY6J9-qnm_-scMqnNgAQJWYIFlEjA&gpic=UID%3D00000c5e95ce5e93%3AT%3D1687952074%3ART%3D1687952074%3AS%3DALNI_MbdV-HD3pDKScAPlyyQOikiPPiaIw&scor=937612953216115&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5673 13 KB
5 KB 35ms
33ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 3204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 10:41:11 GMT
expires: Thu, 27 Jun 2024 10:41:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 98CA 783 B
534 B 51ms
49ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8c875220da6fd46aa0c4a731221ccc319f73d4faeb9544c64ae92187c9878376

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GEXFSTscEkIMu-q7aVPbbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-GEXFSTscEkIMu-q7aVPbbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:34:36 GMT
expires: Wed, 28 Jun 2023 11:34:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5673 37 KB
14 KB 101ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 09:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 09:35:57 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3C15 0
54 B 30ms
29ms Ping
image/gif 2a00:1450:4013:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ljfn315o&c=4161993301797&slotId=2080996650898.5&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c00::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 98CA 0
0 113ms
67ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306220101&jk=2576535857942620&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1

200
OK

abdv Show response
ams3-ib.adnxs.com/
Redirect Chain

https://ams3-ib.adnxs.com/vast_track/v2?info=aAAAAAMArgAFAQnLGpxkAAAAABEqzwzzGMpDRRnLGpxkAAAAACDu2czOASgAMKALONpMQK2ugAFI6OjxAlD98J8OWL8MYgJOTGgBcAF4AIABAIgBAJABAJgBAKABAKgB7tnMzgGwAQE.&s=d6c68a360...
https://ams3-ib.adnxs.com/abdv?ro=1&an_audit=0&referrer=https%3A%2F%2Fnv.ua%2Fukr%2Fukraine%2Fevents%2Fdopomoga-vid-oon-2023-roci-hto-otrimaye-2-220-grn-i-yak-podati-zayavku-50334088.html&e=wqT_3QK...

5 KB
4 KB

36ms
35ms

XHR
text/html

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/abdv?ro=1&an_audit=0&referrer=https%3A%2F%2Fnv.ua%2Fukr%2Fukraine%2Fevents%2Fdopomoga-vid-oon-2023-roci-hto-otrimaye-2-220-grn-i-yak-podati-zayavku-50334088.html&e=wqT_3QKTLOgTFgAAAwDWAAUBCMu18KQGEKqes5iPw_KhRRgAKjYJWTDxR1EHB0ARdUtAhm1n6z8ZAAAAIFyPCkAhdQ0SACkRJNgxAAAAgOtR2D8w_fCfDjjaTECgC0hlUO7ZzM4BWOyYnAFgAGiekL0BeO_0BYABAYoBA1VTRJIBAQbwPJgBAaABAagBAbABALgBA8ABBcgBAtABANgBAOABAPABANgCAOAC6bpK6gJ1aHR0cHM6Ly9udi51YS91a3IBBPRtBmFpbmUvZXZlbnRzL2RvcG9tb2dhLXZpZC1vb24tMjAyMy1yb2NpLWh0by1vdHJpbWF5ZS0yLTIyMC1ncm4taS15YWstcG9kYXRpLXpheWF2a3UtNTAzMzQwODguaHRtbIADAIgDAZADAJgDF6ADAaoDiAcK0QZodHRwczovL2FkeC5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvYWR2aWV3P2FpPUNrQUVTeXhxY1pMUHVMSVdpLWdhN2dwOWcwWnJGcW5HdW1PU1JxaEhvay1uc3R6b1FBU0RtbDlZbFlKR0VvSVdNR01nQkJha0NCd0lWeWJCZXNqNm9Bd0hJQXhPWUJBQ3FCTklCVDlCaVFUV3ZRWERvODFkTjFqWk5iNDhjWkg3eHF6RzNEVmdsYVVZLTFXUktuUWdDd3dzcGVLT1NrcUY0c2Z3NGtLaU9TOHdsMHFSZjd4UXd4RXNiU2dDeThla1ZhR3Y4Y2hNVU9nVGdFdF9FeHZ5c1RSbXFFV3Z5Y3oxSHhfQXdzNFRCdmRaVnZGbUtSVXlDSFlkUHlIMkJreWtlT1ExNXI4WjZBWFZ5VUh5OXUtaEhUUWdtTjBYd2JBR2w4eTNkX0FsRW5GSjNTSnF2UjdvVmhQOGpOa1A0cWpYSWN2QXB4R1ZJdDRfN3hEaFlzc0oyMXVIUG5xbXJMSVAtenpOS05RTXVXaV9KZWtKMHh5c2F5OGlTNGJHNHdBVGVyYU92cXdUZ0JBT0lCZlBZbk1SS2tnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVpPZ0FlMHdjXzdBNmdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY05FTzNZcndFWTFxdWc1Z0VnQk5JSUZnaUE0WUFRRUFFWVh6SUNxZ0k2QW9CQVNMMzl3VHJ5Q0E1aWFXUmtaWEl0TmpBMU9URXhNb0FLQk1nTEFiQVR3cHpzRThnVDBmQzA0Z1BRRXdEWUV3T0lGQVRZRkFIUUZRR0FGd0d5RndnS0JnZ0FFZ0FZQUEmc2lnaD14Z3o3Qi0zMnpQSSZjbWQ9Q2hkallTMXdkV0l0TXpBM05qZzVNREF4TWpjME1UUTJOeEFBR0FFJnVhY2hfbT1bVUFDSF0mY2lkPUNBUVNHd0J5Z1FpRGhWMTNqdUtVbFZER01GbkpEQnFLUE1GUFRkV0dqQmdCJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzQ5OTEwNTUwMjA1NjIzNzAzNDYiCTQzMzI2OTk5OCoHMjMxMzIzMToJNDgyODc0ODM4wAPgqAHIAwDYA6K4VuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUwLjE0MqgEALIEDggAEAEYACAAKAIwADgCuAQAwAQAyAQA2gQCCAHgBADwBO7ZzM4BiAUBmAUAoAXkz7vq0NPdohDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_DPoFBAgAEACQBgGYBgCiBg45ODE4I0FNUzM6NjA4ObgGAMEGAAAAAAAA8D_QBqBO2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGBPIGhwEI1PVjEoABZWhUM1dsb0FBQUFEQUFrQ0JRRUk0dFNCQ2hDVXNjNERHTDZZLUFNZ0J5Z0FRTlRGM2dwSTFjWGVDbER4UTFqSkwzRUFBQUFBQUFBQUFIZ0FnUUVBQUFBQUFBQUFBSWdCQUpBQkFKb0JBZ2dBcUFFQXNRRUFBQUFBQUFBQUFBLi6ABwGIBwCSB4ofPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8-PFZBU1QgeG1sbnM6eHNpPSJodHRwczovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTpub05hbWVzcGFjZVNjaGVtYUxvY2F0aW9uPSJ2YXN0LnhzZCIgdmVyc2lvbj0iMi4wIj48QWQgaWQ9IjQ4Mjg3NDgzOCI-PFdyYXBwZXI-PEFkU3lzdGVtPlhCaWQ8L0FkU3lzdGVtPjxWQVNUQWRUYWdVUkk-PCFbQ0RBVEFbsfgMYmlkLkb4BfBxZGJtL3Zhc3Q_ZGJtX2M9QUtBbWYtQVFkSUswcTVSV0NsangwOWJzU0dPcHdrX1dzODhkaW1aZjVGY3VTd2stUnFjc1NrSzhpdkU2UzQtSS1MOGJqMFJkaUlCa1JCZ0FjZzVjb3FFRV9IaEc2ZVItT2cmAWkAZA1p9EEORDBUc05aVjNKX1kzVDFVcWk1eEdtMHljZ1BTa09Zcnh4enIxWHVNYnoyWGlQZy1KNlRINVduN203aWM3SkRIVWlmQkszVkNHbFpCMnRzZURUN0VuNzhDSERUclBiSnNiU1NkNy1YQUFteHBGS0I2U29qVlBnZm5UX3ozeTVHNUYtdG5NeWs5OEZnMUlOZmFmb0ZtN3lwWDJ5c19LdjBTRWZzejM4RFV5Tk1qMjQxUml4NDdReXdhT3ZXbFpVWUpSSnlhYjB5UkFfaG9pUkpWdXRJbUllMklxX1JqTXQ2ay03UExaNUJsMjQzYjhFYW1IdTlUYzJxb19IUnktZ2c5RkxfendQajd1V2EzejdTQ0hFWm1TWlJ6UWFpNTV4ZmJVYU5HdlZkTmdCSUo3blQwUW5TTzJFdlhSR2xyWHRfcUZrdHpHci1nQ0JvbnlVdXNvYXZWRXRqNWM2N20yUWVidVk5UGhXU3BTNXQxczJjNkZza1RvWGwwbXdrVF9PMU1HWWlyUjRON1VicDRZRTV2eUxjQVVzS19mUk1rRzhRZ1VjRnEtR1VFRGdudzN1YjNON3liZTJNLW5ZTXZOLVpBRWdmNVZlMEV1SXNwM0MyeXRvSjZ1NVFFVW9fZkFqWDQ4WUxoVG9uWGJuYUU0Y2EzMl9sMkVYUUlRZlB0Zld4ZnZfODBLTWtxX3l4aHBTNnZSTV9HT2hEVEM5OVFIRmhRbm95NkQzRWxGYmxMY1hQbVlVbEtsankybkpfeW5vOFJ1cmVHbGJ4TFI3WVVUS2Z1dkpIVjB4MVJ5WVhjbzNRODJvcm45eEZjVXk5Y1RrY2NnUEt4MDdwQlluYVJtRGF0RlJWUmZwb3YxQTVpVEhzUFVQZEJYWVB3YWZGODRUcEtaTGVsTzRhV2NIcGtmSFRNelViU3N5cXBIWTZ4ZjBha1h0bFZ5cmE4MG9jQ2czM0NOVFl0cHhBOTBnMTEydUZuNTZJQmtsenIwdnpfWkVSZE41TC1HcE9IcnhsNjkzMUhPTVR6SXJ2VjVXeEZpT2VfUVdyX2xBU2tranNaa0VJZGVYWGRqMHdsdWNqMmVDNmw3UmxGZl8zdXc4dFIwN1duV1FzcEpTcVVuTENHdmNlZFdsYWRsUGVXUlVMbHAwQ25zVm5ERGszZk80TXFrUGVrbFJ1TkRwR1dkcVdYVGtkVnRyLThQcENaalpIR0pVdlJ4UG9YckZscWhrejFMZG5fQ0tHNjd6MVpqbkhwVVZMNTlRbTloZkp1NTRJS3lNdkd4WC0xLUExRHdlSEdTT3RXbmlYb0RsWmprTmlCNm1KUGtUaVA2VTFBYW4wNVNFUVM1anVvMHZlMXhyb2I0WFg5SVkxSUhxSkx3b3dNdEZ4QTNoRkZiQ1JqVXJwVFMwSXBreFJTOHFfdVNncV9aV1NQUG5oM2s2Umt2cUtFb0o0UGo1ajdKQmd1ZHB2ZzVtdDUzVHM5SUV5LTRpb3FQTEVoVU9WbGFZYnZmTHQ4RHY3WURfTGhKUHhET2dHamJ5aWdYUW5PSU9XcDh1eUxIeFdrWlZSZ2E2c3ZuTUoxb3lHMENuTkNFODIxVXZvOHRRdEZHVGhGdVNqMjhiZHdTaGhFTDVhYTlBNVBJd0Z5MDdxNU0wQkJrQ1ZxWGdibTQ0dFRWMDVKNi1IaHNxcjM3SnU2ZXkzTU0zaWlEUjZubWdvaDNjUGtWOXJmSUZ2V3owTjZuWW9pRTVzUlNkbVlVVFZMVWE1b0F6QWV5WmJhcUxXLW9rZ0xucjlmOTJFMklDQlpvOGJPcFBYNVhuR1htanZvVzY2aWx3MXMwekpJLXZ0ZElmdWx2V2ZsWk5taElGbHNYRXVUUmFwSDZ2NnY3dzdScHFDMFRrWUVuUU85RzJzeGZsZlp1WFJFQUVWQi1abmtBdFN3V1AtbnhaZnItbFp6QWllcUVtSkRTVmtCZTNxSXljdXpzV3ZtNnVvVUdVc2s0Z2diRFdoNHQ2WGt4alByZDBMMHcwZ2syVmxhbXZ5bmFwZGZIMlZXTTltX0pBcDJWb3ZzdG9KLUxWbUsyWmE4Um1McjBBX0NFYzlMemlSR1ljNE41ZWRzbThaMFlFX1FFZjFLdFdpRDZjT3NydVN1WEJqZXBZV3dKSXY5RS1MQWdmU0l4a3ZYWW91Rm1kRkZETVZNM2FLVnV0ZDdJVW9vc1BFWTRQaTdaYUp6U2p2V2NEZjkxVFpTUWs0bmlhN3JOTTVka2J4VlUtNS0yRldkb1NWeGU0RnRNMkZoX2RTMHd3ZWFzNFlGVWJGb21zT2gtUzRYOGEwT3A3T3hOeTJETmtQVGNVR0t3c3FaT3pzWnVnQWEtSU1tQTNiMjU2N2o0bmpMSk5GMENYamcwUFByaWZGMjk3SzJYWGdJOXdFcWttSk9BRjVCUklzOF9QQlFjMjZsOXRpdS0xZTJwYm81YjZjT2owcDQzWnZDdWpLNkliM2o1RENtY1FFRFBOUEdHa3lhdHlJMzZabjF6WnNHcE12Yk5ORVRaMVpxRUhYOGFtZEtFWHVMc1RhQ3RISUt2LXBQN3hZdm5udUdScHJwMFFkamk5dU1KbHkzN0tmc25GVjhVcVpid1hOYkVqMnVaUFNqcUZBbFBBNjFQWWZWQmpVZmdkcjNzbkRCaUREYWxLMDJZeHRBcHUzdU94VzlfUVB2ck8yTE1hTDhka1Y5V0RxckYtRFRqVnFRVVhJZEpubHVxcnRKLWxtNW05OE5Nazgxc3lMQzU0ZldWaGwyZ2dxbUJCV3ViN3NqOGw4ejA4eTMtTGFMZVh1dDY0VDh3aF9oUEsyTU9HeXdwN0xRNUhfMHRfWUotVzJKSVBuTklTVmRCQ1FMeUJqd1piZE5fLTBBMVB0YUVKdFNsYzFiZUp5Ty1QdjQxOEtpbEdreDlrcmhGREUzWFJReEpFd3Z3clZyb0taNGxfb29IZEtDMHd6M0pZNXc1NW5tS3d3aWhISW1LLUNMM0dkVkxlbmQ4SG9FV3o2Z2V6cGdGUjdmZjZXRzBTaFF0eWJaSTlwLVZOZ2hUQllPVElNSC1BQnNmWHRPQjZ2eXRRb21SZTNLaVpRa1B4N2xxRFgxeFdlYWp4MjRodm54VDM3blExVEpXeFN0bU5DTmRTUkJTNlR2UDBOZzhINjBtNld3NER2ZTVRem1Ra1BaVUpZTmNnYlUyNjBkV05OWUFsdDMtVlRxV2M5TE9vcEJrMmZ3cEhSOEc4dTVnMzBxVHpqWkxFMkc3RnUtejNHbDZlSDFVSmdIZzktZDhkNWE1M3I2cDI3b1NxblV3OWxiSTN1ekF6aTRlODV0aFNCR25BM2lHVGdQN3ZsRU1OTUVHNWpkdjNTZHRBUmx4Y19jZFBzcUJVMUJmaDBOaktzemE4ZWZmVU12ckE0ekthcURTZFVNQ05BN2x2Y0Vpd3o1WWhxN0RtWmRFN21hRVNJMnlvVFJYaEZoX29QMFBSS2xyZXhsVHhuNmtRODB1dW5kM19KNXphbzV6dUduejJqVktZSzduSnhCeEZwZHZ3ZkVhanZ1S3FSUHNLdTdfSVF4UHZJZFAxTWhzLU85Z0FySU9LMWRwNzhBX2JPcFdDZzZJRHlOTHRjOGpWRXpiQUNNcVBtM1hrWHhTYkZSZXBKdHpkeGFHWkdIN1hKOHZBQ0FXaGR0eDJucTBENS1tNGYxdlRJUng0TFRXenA1ZUdjREotakpDcFdvUFF2XzhDVjJSTUZMTkFFQU8tRndheUZ6SjNtQzVYUTRFOVZ1Q1BST3ZJdE9aUFhSY0dLVmRsSjdqdTEwVEllNmlacm5qdGp3ckU4MjJsTlJHeVB1RnJfREZKc19hcVFzLXRMX0ZiRUZyeDB6RGJCS19xbGkyS0hPUFBjd0N6SVNUckdSS1I4RXhfMkJaVzhkTEh0bWRjTEhrMGgxNTBpLWlPMXZ1TkhDNmE0d01SZmZtbXV4RFg1amlhUVlIRGt6WFFxc2Z5bWYzenNSY0lvRWFJMTh1Y2Jhdi1PZG9adTJHWEMwSzJKWjRRNkVHNWVfeHpDTXJmM2lMekZXWHdOM3drbFk4VVBPaU12TnNSUHVybUJtVnhkWXl0Uno4TFM2Y2UyMTlhUUhfdjlkdXQwekFub19XRWNXT3BwSUJyWUdRdWJBMnJlMGN1NjVCajlZb0VNaktMT0QxYW5CRWVWakxocVhTd3NhbVlWX3dWR2hPRnBmMDVGNzJVcmFJSUljMVVnTkpXX2VmNFN3bWNVS0I3UWJ6OTVWUWhnRmNvRm44YUR1MVFKQ21RcjVEWEZoTkRZY0c4R2Via2JvUkVWMm13aEZ0R08yTG1wMkdhUWI3eFhTUElSdmVTY21ZNlFwSG9OaUN5MlBnckZSOUhWQXhuSnk2VTRKSm1oRWY4N2dLSmJITk83RzJ0T2YyZ2drNnM4V09xQUFXWUQ5XzUyUUQyM0FJOXlnUVFnSE1rY0NfRjVsM0xFOHlMNVJBREFFWmFBNkg0MU5aRnJUcS1yMlF1VUVtUEsmY2lkPUNBUVNHd0J5Z1FpRGhWMTNqdUtVbFZER01GbkpEQnFLUE1GUFRkV0dqQmdCXV0-PC9WQVNUQWRUYWdVUkk-PENyZWF0aXZlcz48Q3JlYXRpdmUgaWQ9IjQ4Mjg3NDgzOCIgc2VxdWVuY2U9IjEiPjxMaW5lYXI-PC9MaW5lYXI-PC9DcmVhdGl2ZT48L0NyZWF0aXZlcz48L1dyYXBwZXI-PC9BZD48L1ZBU1Q-oAdAqgcLMjAwMDczMDAyMTHIB-_0BdIHDQkAAAAAAIBLQBAAGADaBwYIABAAGADgBwDqBwIIAPAHgp44iggCEACVCAAAgD-YCAE.&s=cb4bdd6d3781fd9e3ea306a92aca4ac7b4c8aff9

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

28e2d38fd14c6b2817ceb8b59e0fb068f47429f44cc90df920d44a89fddfd530

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 11:34:36 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e1d90303-1f85-4f34-9324-1d4157ca9c3d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Wed, 28 Jun 2023 11:34:36 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 804ca9a6-c06c-43eb-8507-9da7d420b8a1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Location: https://ams3-ib.adnxs.com/abdv?ro=1&an_audit=0&referrer=https%3A%2F%2Fnv.ua%2Fukr%2Fukraine%2Fevents%2Fdopomoga-vid-oon-2023-roci-hto-otrimaye-2-220-grn-i-yak-podati-zayavku-50334088.html&e=wqT_3QKTLOgTFgAAAwDWAAUBCMu18KQGEKqes5iPw_KhRRgAKjYJWTDxR1EHB0ARdUtAhm1n6z8ZAAAAIFyPCkAhdQ0SACkRJNgxAAAAgOtR2D8w_fCfDjjaTECgC0hlUO7ZzM4BWOyYnAFgAGiekL0BeO_0BYABAYoBA1VTRJIBAQbwPJgBAaABAagBAbABALgBA8ABBcgBAtABANgBAOABAPABANgCAOAC6bpK6gJ1aHR0cHM6Ly9udi51YS91a3IBBPRtBmFpbmUvZXZlbnRzL2RvcG9tb2dhLXZpZC1vb24tMjAyMy1yb2NpLWh0by1vdHJpbWF5ZS0yLTIyMC1ncm4taS15YWstcG9kYXRpLXpheWF2a3UtNTAzMzQwODguaHRtbIADAIgDAZADAJgDF6ADAaoDiAcK0QZodHRwczovL2FkeC5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvYWR2aWV3P2FpPUNrQUVTeXhxY1pMUHVMSVdpLWdhN2dwOWcwWnJGcW5HdW1PU1JxaEhvay1uc3R6b1FBU0RtbDlZbFlKR0VvSVdNR01nQkJha0NCd0lWeWJCZXNqNm9Bd0hJQXhPWUJBQ3FCTklCVDlCaVFUV3ZRWERvODFkTjFqWk5iNDhjWkg3eHF6RzNEVmdsYVVZLTFXUktuUWdDd3dzcGVLT1NrcUY0c2Z3NGtLaU9TOHdsMHFSZjd4UXd4RXNiU2dDeThla1ZhR3Y4Y2hNVU9nVGdFdF9FeHZ5c1RSbXFFV3Z5Y3oxSHhfQXdzNFRCdmRaVnZGbUtSVXlDSFlkUHlIMkJreWtlT1ExNXI4WjZBWFZ5VUh5OXUtaEhUUWdtTjBYd2JBR2w4eTNkX0FsRW5GSjNTSnF2UjdvVmhQOGpOa1A0cWpYSWN2QXB4R1ZJdDRfN3hEaFlzc0oyMXVIUG5xbXJMSVAtenpOS05RTXVXaV9KZWtKMHh5c2F5OGlTNGJHNHdBVGVyYU92cXdUZ0JBT0lCZlBZbk1SS2tnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVpPZ0FlMHdjXzdBNmdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY05FTzNZcndFWTFxdWc1Z0VnQk5JSUZnaUE0WUFRRUFFWVh6SUNxZ0k2QW9CQVNMMzl3VHJ5Q0E1aWFXUmtaWEl0TmpBMU9URXhNb0FLQk1nTEFiQVR3cHpzRThnVDBmQzA0Z1BRRXdEWUV3T0lGQVRZRkFIUUZRR0FGd0d5RndnS0JnZ0FFZ0FZQUEmc2lnaD14Z3o3Qi0zMnpQSSZjbWQ9Q2hkallTMXdkV0l0TXpBM05qZzVNREF4TWpjME1UUTJOeEFBR0FFJnVhY2hfbT1bVUFDSF0mY2lkPUNBUVNHd0J5Z1FpRGhWMTNqdUtVbFZER01GbkpEQnFLUE1GUFRkV0dqQmdCJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzQ5OTEwNTUwMjA1NjIzNzAzNDYiCTQzMzI2OTk5OCoHMjMxMzIzMToJNDgyODc0ODM4wAPgqAHIAwDYA6K4VuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUwLjE0MqgEALIEDggAEAEYACAAKAIwADgCuAQAwAQAyAQA2gQCCAHgBADwBO7ZzM4BiAUBmAUAoAXkz7vq0NPdohDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_DPoFBAgAEACQBgGYBgCiBg45ODE4I0FNUzM6NjA4ObgGAMEGAAAAAAAA8D_QBqBO2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGBPIGhwEI1PVjEoABZWhUM1dsb0FBQUFEQUFrQ0JRRUk0dFNCQ2hDVXNjNERHTDZZLUFNZ0J5Z0FRTlRGM2dwSTFjWGVDbER4UTFqSkwzRUFBQUFBQUFBQUFIZ0FnUUVBQUFBQUFBQUFBSWdCQUpBQkFKb0JBZ2dBcUFFQXNRRUFBQUFBQUFBQUFBLi6ABwGIBwCSB4ofPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8-PFZBU1QgeG1sbnM6eHNpPSJodHRwczovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTpub05hbWVzcGFjZVNjaGVtYUxvY2F0aW9uPSJ2YXN0LnhzZCIgdmVyc2lvbj0iMi4wIj48QWQgaWQ9IjQ4Mjg3NDgzOCI-PFdyYXBwZXI-PEFkU3lzdGVtPlhCaWQ8L0FkU3lzdGVtPjxWQVNUQWRUYWdVUkk-PCFbQ0RBVEFbsfgMYmlkLkb4BfBxZGJtL3Zhc3Q_ZGJtX2M9QUtBbWYtQVFkSUswcTVSV0NsangwOWJzU0dPcHdrX1dzODhkaW1aZjVGY3VTd2stUnFjc1NrSzhpdkU2UzQtSS1MOGJqMFJkaUlCa1JCZ0FjZzVjb3FFRV9IaEc2ZVItT2cmAWkAZA1p9EEORDBUc05aVjNKX1kzVDFVcWk1eEdtMHljZ1BTa09Zcnh4enIxWHVNYnoyWGlQZy1KNlRINVduN203aWM3SkRIVWlmQkszVkNHbFpCMnRzZURUN0VuNzhDSERUclBiSnNiU1NkNy1YQUFteHBGS0I2U29qVlBnZm5UX3ozeTVHNUYtdG5NeWs5OEZnMUlOZmFmb0ZtN3lwWDJ5c19LdjBTRWZzejM4RFV5Tk1qMjQxUml4NDdReXdhT3ZXbFpVWUpSSnlhYjB5UkFfaG9pUkpWdXRJbUllMklxX1JqTXQ2ay03UExaNUJsMjQzYjhFYW1IdTlUYzJxb19IUnktZ2c5RkxfendQajd1V2EzejdTQ0hFWm1TWlJ6UWFpNTV4ZmJVYU5HdlZkTmdCSUo3blQwUW5TTzJFdlhSR2xyWHRfcUZrdHpHci1nQ0JvbnlVdXNvYXZWRXRqNWM2N20yUWVidVk5UGhXU3BTNXQxczJjNkZza1RvWGwwbXdrVF9PMU1HWWlyUjRON1VicDRZRTV2eUxjQVVzS19mUk1rRzhRZ1VjRnEtR1VFRGdudzN1YjNON3liZTJNLW5ZTXZOLVpBRWdmNVZlMEV1SXNwM0MyeXRvSjZ1NVFFVW9fZkFqWDQ4WUxoVG9uWGJuYUU0Y2EzMl9sMkVYUUlRZlB0Zld4ZnZfODBLTWtxX3l4aHBTNnZSTV9HT2hEVEM5OVFIRmhRbm95NkQzRWxGYmxMY1hQbVlVbEtsankybkpfeW5vOFJ1cmVHbGJ4TFI3WVVUS2Z1dkpIVjB4MVJ5WVhjbzNRODJvcm45eEZjVXk5Y1RrY2NnUEt4MDdwQlluYVJtRGF0RlJWUmZwb3YxQTVpVEhzUFVQZEJYWVB3YWZGODRUcEtaTGVsTzRhV2NIcGtmSFRNelViU3N5cXBIWTZ4ZjBha1h0bFZ5cmE4MG9jQ2czM0NOVFl0cHhBOTBnMTEydUZuNTZJQmtsenIwdnpfWkVSZE41TC1HcE9IcnhsNjkzMUhPTVR6SXJ2VjVXeEZpT2VfUVdyX2xBU2tranNaa0VJZGVYWGRqMHdsdWNqMmVDNmw3UmxGZl8zdXc4dFIwN1duV1FzcEpTcVVuTENHdmNlZFdsYWRsUGVXUlVMbHAwQ25zVm5ERGszZk80TXFrUGVrbFJ1TkRwR1dkcVdYVGtkVnRyLThQcENaalpIR0pVdlJ4UG9YckZscWhrejFMZG5fQ0tHNjd6MVpqbkhwVVZMNTlRbTloZkp1NTRJS3lNdkd4WC0xLUExRHdlSEdTT3RXbmlYb0RsWmprTmlCNm1KUGtUaVA2VTFBYW4wNVNFUVM1anVvMHZlMXhyb2I0WFg5SVkxSUhxSkx3b3dNdEZ4QTNoRkZiQ1JqVXJwVFMwSXBreFJTOHFfdVNncV9aV1NQUG5oM2s2Umt2cUtFb0o0UGo1ajdKQmd1ZHB2ZzVtdDUzVHM5SUV5LTRpb3FQTEVoVU9WbGFZYnZmTHQ4RHY3WURfTGhKUHhET2dHamJ5aWdYUW5PSU9XcDh1eUxIeFdrWlZSZ2E2c3ZuTUoxb3lHMENuTkNFODIxVXZvOHRRdEZHVGhGdVNqMjhiZHdTaGhFTDVhYTlBNVBJd0Z5MDdxNU0wQkJrQ1ZxWGdibTQ0dFRWMDVKNi1IaHNxcjM3SnU2ZXkzTU0zaWlEUjZubWdvaDNjUGtWOXJmSUZ2V3owTjZuWW9pRTVzUlNkbVlVVFZMVWE1b0F6QWV5WmJhcUxXLW9rZ0xucjlmOTJFMklDQlpvOGJPcFBYNVhuR1htanZvVzY2aWx3MXMwekpJLXZ0ZElmdWx2V2ZsWk5taElGbHNYRXVUUmFwSDZ2NnY3dzdScHFDMFRrWUVuUU85RzJzeGZsZlp1WFJFQUVWQi1abmtBdFN3V1AtbnhaZnItbFp6QWllcUVtSkRTVmtCZTNxSXljdXpzV3ZtNnVvVUdVc2s0Z2diRFdoNHQ2WGt4alByZDBMMHcwZ2syVmxhbXZ5bmFwZGZIMlZXTTltX0pBcDJWb3ZzdG9KLUxWbUsyWmE4Um1McjBBX0NFYzlMemlSR1ljNE41ZWRzbThaMFlFX1FFZjFLdFdpRDZjT3NydVN1WEJqZXBZV3dKSXY5RS1MQWdmU0l4a3ZYWW91Rm1kRkZETVZNM2FLVnV0ZDdJVW9vc1BFWTRQaTdaYUp6U2p2V2NEZjkxVFpTUWs0bmlhN3JOTTVka2J4VlUtNS0yRldkb1NWeGU0RnRNMkZoX2RTMHd3ZWFzNFlGVWJGb21zT2gtUzRYOGEwT3A3T3hOeTJETmtQVGNVR0t3c3FaT3pzWnVnQWEtSU1tQTNiMjU2N2o0bmpMSk5GMENYamcwUFByaWZGMjk3SzJYWGdJOXdFcWttSk9BRjVCUklzOF9QQlFjMjZsOXRpdS0xZTJwYm81YjZjT2owcDQzWnZDdWpLNkliM2o1RENtY1FFRFBOUEdHa3lhdHlJMzZabjF6WnNHcE12Yk5ORVRaMVpxRUhYOGFtZEtFWHVMc1RhQ3RISUt2LXBQN3hZdm5udUdScHJwMFFkamk5dU1KbHkzN0tmc25GVjhVcVpid1hOYkVqMnVaUFNqcUZBbFBBNjFQWWZWQmpVZmdkcjNzbkRCaUREYWxLMDJZeHRBcHUzdU94VzlfUVB2ck8yTE1hTDhka1Y5V0RxckYtRFRqVnFRVVhJZEpubHVxcnRKLWxtNW05OE5Nazgxc3lMQzU0ZldWaGwyZ2dxbUJCV3ViN3NqOGw4ejA4eTMtTGFMZVh1dDY0VDh3aF9oUEsyTU9HeXdwN0xRNUhfMHRfWUotVzJKSVBuTklTVmRCQ1FMeUJqd1piZE5fLTBBMVB0YUVKdFNsYzFiZUp5Ty1QdjQxOEtpbEdreDlrcmhGREUzWFJReEpFd3Z3clZyb0taNGxfb29IZEtDMHd6M0pZNXc1NW5tS3d3aWhISW1LLUNMM0dkVkxlbmQ4SG9FV3o2Z2V6cGdGUjdmZjZXRzBTaFF0eWJaSTlwLVZOZ2hUQllPVElNSC1BQnNmWHRPQjZ2eXRRb21SZTNLaVpRa1B4N2xxRFgxeFdlYWp4MjRodm54VDM3blExVEpXeFN0bU5DTmRTUkJTNlR2UDBOZzhINjBtNld3NER2ZTVRem1Ra1BaVUpZTmNnYlUyNjBkV05OWUFsdDMtVlRxV2M5TE9vcEJrMmZ3cEhSOEc4dTVnMzBxVHpqWkxFMkc3RnUtejNHbDZlSDFVSmdIZzktZDhkNWE1M3I2cDI3b1NxblV3OWxiSTN1ekF6aTRlODV0aFNCR25BM2lHVGdQN3ZsRU1OTUVHNWpkdjNTZHRBUmx4Y19jZFBzcUJVMUJmaDBOaktzemE4ZWZmVU12ckE0ekthcURTZFVNQ05BN2x2Y0Vpd3o1WWhxN0RtWmRFN21hRVNJMnlvVFJYaEZoX29QMFBSS2xyZXhsVHhuNmtRODB1dW5kM19KNXphbzV6dUduejJqVktZSzduSnhCeEZwZHZ3ZkVhanZ1S3FSUHNLdTdfSVF4UHZJZFAxTWhzLU85Z0FySU9LMWRwNzhBX2JPcFdDZzZJRHlOTHRjOGpWRXpiQUNNcVBtM1hrWHhTYkZSZXBKdHpkeGFHWkdIN1hKOHZBQ0FXaGR0eDJucTBENS1tNGYxdlRJUng0TFRXenA1ZUdjREotakpDcFdvUFF2XzhDVjJSTUZMTkFFQU8tRndheUZ6SjNtQzVYUTRFOVZ1Q1BST3ZJdE9aUFhSY0dLVmRsSjdqdTEwVEllNmlacm5qdGp3ckU4MjJsTlJHeVB1RnJfREZKc19hcVFzLXRMX0ZiRUZyeDB6RGJCS19xbGkyS0hPUFBjd0N6SVNUckdSS1I4RXhfMkJaVzhkTEh0bWRjTEhrMGgxNTBpLWlPMXZ1TkhDNmE0d01SZmZtbXV4RFg1amlhUVlIRGt6WFFxc2Z5bWYzenNSY0lvRWFJMTh1Y2Jhdi1PZG9adTJHWEMwSzJKWjRRNkVHNWVfeHpDTXJmM2lMekZXWHdOM3drbFk4VVBPaU12TnNSUHVybUJtVnhkWXl0Uno4TFM2Y2UyMTlhUUhfdjlkdXQwekFub19XRWNXT3BwSUJyWUdRdWJBMnJlMGN1NjVCajlZb0VNaktMT0QxYW5CRWVWakxocVhTd3NhbVlWX3dWR2hPRnBmMDVGNzJVcmFJSUljMVVnTkpXX2VmNFN3bWNVS0I3UWJ6OTVWUWhnRmNvRm44YUR1MVFKQ21RcjVEWEZoTkRZY0c4R2Via2JvUkVWMm13aEZ0R08yTG1wMkdhUWI3eFhTUElSdmVTY21ZNlFwSG9OaUN5MlBnckZSOUhWQXhuSnk2VTRKSm1oRWY4N2dLSmJITk83RzJ0T2YyZ2drNnM4V09xQUFXWUQ5XzUyUUQyM0FJOXlnUVFnSE1rY0NfRjVsM0xFOHlMNVJBREFFWmFBNkg0MU5aRnJUcS1yMlF1VUVtUEsmY2lkPUNBUVNHd0J5Z1FpRGhWMTNqdUtVbFZER01GbkpEQnFLUE1GUFRkV0dqQmdCXV0-PC9WQVNUQWRUYWdVUkk-PENyZWF0aXZlcz48Q3JlYXRpdmUgaWQ9IjQ4Mjg3NDgzOCIgc2VxdWVuY2U9IjEiPjxMaW5lYXI-PC9MaW5lYXI-PC9DcmVhdGl2ZT48L0NyZWF0aXZlcz48L1dyYXBwZXI-PC9BZD48L1ZBU1Q-oAdAqgcLMjAwMDczMDAyMTHIB-_0BdIHDQkAAAAAAIBLQBAAGADaBwYIABAAGADgBwDqBwIIAPAHgp44iggCEACVCAAAgD-YCAE.&s=cb4bdd6d3781fd9e3ea306a92aca4ac7b4c8aff9
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ab Show response
ams3-ib.adnxs.com/ 10 KB
8 KB 27ms
27ms XHR
application/xml 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fnv.ua%2Fukr%2Fukraine%2Fevents%2Fdopomoga-vid-oon-2023-roci-hto-otrimaye-2-220-grn-i-yak-podati-zayavku-50334088.html&k=499105502056237034616879520757950721939670682845&s=bff923c12b0320858edb2d0e96eb14409c7412e0&f=LQAAAAMAex8FAQjaTBCgCxju2czOASDLtfCkBiiqnrOYj8PyoUUwAzj98J8O&t=1687952075

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/vast.vpaid/videojs_5.vast.vpaid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

686c4954e0c184d74c803eb1eb2f4dbc3ea83c1bbf703f96b109c245a7094aba

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 11:34:36 GMT
Content-Encoding: gzip
X-Creative-ID: 433269998
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 15ce855b-b37b-4fa3-8c20-a9650a6ec31d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5673 0
10 B 33ms
32ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?U3_z0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK anwrapper-1.1017.0.js Show response
acdn.adnxs-simple.com/vx/static/w/ Frame 01B6 170 KB
49 KB 112ms
26ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1017.0.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/vast.vpaid/videojs_5.vast.vpaid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 63f0aa34f369c2898acc76d46428ebef1b3d9a31375080671d113abb6d9b0008

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Wed, 06 Dec 2023 15:03:37 GMT
Date: Wed, 28 Jun 2023 11:34:36 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 17613059
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 49513
X-Served-By: cache-lga21924-LGA, cache-ams21043-AMS
Last-Modified: Tue, 06 Dec 2022 09:24:20 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1687952076.378677,VS0,VE0
ETag: W/"638f0a44-2a7e5"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 62845, 207228

POST
H2 204 pack
rb.adnxs-simple.com/ Frame 01B6 0
273 B 169ms
46ms Ping
text/plain 185.89.208.172
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1017.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.89.208.172 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 68.ratbait.prod.ams3.adnexus.net
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ua-dapamoga24.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://ua-dapamoga24.site
date: Wed, 28 Jun 2023 11:34:36 GMT
access-control-allow-credentials: true
server: nginx/1.20.2
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS, GET

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ 20 KB
5 KB 196ms
76ms XHR
text/xml 64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AQdIK0q5RWCljx09bsSGOpwk_Ws88dimZf5FcuSwk-RqcsSkK8ivE6S4-I-L8bj0RdiIBkRBgAcg5coqEE_HhG6eR-Og&dbm_d=AKAmf-D0TsNZV3J_Y3T1Uqi5xGm0ycgPSkOYrxxzr1XuMbz2XiPg-J6TH5Wn7m7ic7JDHUifBK3VCGlZB2tseDT7En78CHDTrPbJsbSSd7-XAAmxpFKB6SojVPgfnT_z3y5G5F-tnMyk98Fg1INfafoFm7ypX2ys_Kv0SEfsz38DUyNMj241Rix47QywaOvWlZUYJRJyab0yRA_hoiRJVutImIe2Iq_RjMt6k-7PLZ5Bl243b8EamHu9Tc2qo_HRy-gg9FL_zwPj7uWa3z7SCHEZmSZRzQai55xfbUaNGvVdNgBIJ7nT0QnSO2EvXRGlrXt_qFktzGr-gCBonyUusoavVEtj5c67m2QebuY9PhWSpS5t1s2c6FskToXl0mwkT_O1MGYirR4N7Ubp4YE5vyLcAUsK_fRMkG8QgUcFq-GUEDgnw3ub3N7ybe2M-nYMvN-ZAEgf5Ve0EuIsp3C2ytoJ6u5QEUo_fAjX48YLhTonXbnaE4ca32_l2EXQIQfPtfWxfv_80KMkq_yxhpS6vRM_GOhDTC99QHFhQnoy6D3ElFblLcXPmYUlKljy2nJ_yno8RureGlbxLR7YUTKfuvJHV0x1RyYXco3Q82orn9xFcUy9cTkccgPKx07pBYnaRmDatFRVRfpov1A5iTHsPUPdBXYPwafF84TpKZLelO4aWcHpkfHTMzUbSsyqpHY6xf0akXtlVyra80ocCg33CNTYtpxA90g112uFn56IBklzr0vz_ZERdN5L-GpOHrxl6931HOMTzIrvV5WxFiOe_QWr_lASkkjsZkEIdeXXdj0wlucj2eC6l7RlFf_3uw8tR07WnWQspJSqUnLCGvcedWladlPeWRULlp0CnsVnDDk3fO4MqkPeklRuNDpGWdqWXTkdVtr-8PpCZjZHGJUvRxPoXrFlqhkz1Ldn_CKG67z1ZjnHpUVL59Qm9hfJu54IKyMvGxX-1-A1DweHGSOtWniXoDlZjkNiB6mJPkTiP6U1Aan05SEQS5juo0ve1xrob4XX9IY1IHqJLwowMtFxA3hFFbCRjUrpTS0IpkxRS8q_uSgq_ZWSPPnh3k6RkvqKEoJ4Pj5j7JBgudpvg5mt53Ts9IEy-4ioqPLEhUOVlaYbvfLt8Dv7YD_LhJPxDOgGjbyigXQnOIOWp8uyLHxWkZVRga6svnMJ1oyG0CnNCE821Uvo8tQtFGThFuSj28bdwShhEL5aa9A5PIwFy07q5M0BBkCVqXgbm44tTV05J6-Hhsqr37Ju6ey3MM3iiDR6nmgoh3cPkV9rfIFvWz0N6nYoiE5sRSdmYUTVLUa5oAzAeyZbaqLW-okgLnr9f92E2ICBZo8bOpPX5XnGXmjvoW66ilw1s0zJI-vtdIfulvWflZNmhIFlsXEuTRapH6v6v7w7RpqC0TkYEnQO9G2sxflfZuXREAEVB-ZnkAtSwWP-nxZfr-lZzAieqEmJDSVkBe3qIycuzsWvm6uoUGUsk4ggbDWh4t6XkxjPrd0L0w0gk2VlamvynapdfH2VWM9m_JAp2VovstoJ-LVmK2Za8RmLr0A_CEc9LziRGYc4N5edsm8Z0YE_QEf1KtWiD6cOsruSuXBjepYWwJIv9E-LAgfSIxkvXYouFmdFFDMVM3aKVutd7IUoosPEY4Pi7ZaJzSjvWcDf91TZSQk4nia7rNM5dkbxVU-5-2FWdoSVxe4FtM2Fh_dS0wweas4YFUbFomsOh-S4X8a0Op7OxNy2DNkPTcUGKwsqZOzsZugAa-IMmA3b2567j4njLJNF0CXjg0PPrifF297K2XXgI9wEqkmJOAF5BRIs8_PBQc26l9tiu-1e2pbo5b6cOj0p43ZvCujK6Ib3j5DCmcQEDPNPGGkyatyI36Zn1zZsGpMvbNNETZ1ZqEHX8amdKEXuLsTaCtHIKv-pP7xYvnnuGRprp0Qdji9uMJly37KfsnFV8UqZbwXNbEj2uZPSjqFAlPA61PYfVBjUfgdr3snDBiDDalK02YxtApu3uOxW9_QPvrO2LMaL8dkV9WDqrF-DTjVqQUXIdJnluqrtJ-lm5m98NMk81syLC54fWVhl2ggqmBBWub7sj8l8z08y3-LaLeXut64T8wh_hPK2MOGywp7LQ5H_0t_YJ-W2JIPnNISVdBCQLyBjwZbdN_-0A1PtaEJtSlc1beJyO-Pv418KilGkx9krhFDE3XRQxJEwvwrVroKZ4l_ooHdKC0wz3JY5w55nmKwwihHImK-CL3GdVLend8HoEWz6gezpgFR7ff6WG0ShQtybZI9p-VNghTBYOTIMH-ABsfXtOB6vytQomRe3KiZQkPx7lqDX1xWeajx24hvnxT37nQ1TJWxStmNCNdSRBS6TvP0Ng8H60m6Ww4Dve5QzmQkPZUJYNcgbU260dWNNYAlt3-VTqWc9LOopBk2fwpHR8G8u5g30qTzjZLE2G7Fu-z3Gl6eH1UJgHg9-d8d5a53r6p27oSqnUw9lbI3uzAzi4e85thSBGnA3iGTgP7vlEMNMEG5jdv3SdtARlxc_cdPsqBU1Bfh0NjKsza8effUMvrA4zKaqDSdUMCNA7lvcEiwz5Yhq7DmZdE7maESI2yoTRXhFh_oP0PRKlrexlTxn6kQ80uund3_J5zao5zuGnz2jVKYK7nJxBxFpdvwfEajvuKqRPsKu7_IQxPvIdP1Mhs-O9gArIOK1dp78A_bOpWCg6IDyNLtc8jVEzbACMqPm3XkXxSbFRepJtzdxaGZGH7XJ8vACAWhdtx2nq0D5-m4f1vTIRx4LTWzp5eGcDJ-jJCpWoPQv_8CV2RMFLNAEAO-FwayFzJ3mC5XQ4E9VuCPROvItOZPXRcGKVdlJ7ju10TIe6iZrnjtjwrE822lNRGyPuFr_DFJs_aqQs-tL_FbEFrx0zDbBK_qli2KHOPPcwCzISTrGRKR8Ex_2BZW8dLHtmdcLHk0h150i-iO1vuNHC6a4wMRffmmuxDX5jiaQYHDkzXQqsfymf3zsRcIoEaI18ucbav-OdoZu2GXC0K2JZ4Q6EG5e_xzCMrf3iLzFWXwN3wklY8UPOiMvNsRPurmBmVxdYytRz8LS6ce219aQH_v9dut0zAno_WEcWOppIBrYGQubA2re0cu65Bj9YoEMjKLOD1anBEeVjLhqXSwsamYV_wVGhOFpf05F72UraIIIc1UgNJW_ef4SwmcUKB7Qbz95VQhgFcoFn8aDu1QJCmQr5DXFhNDYcG8GebkboREV2mwhFtGO2Lmp2GaQb7xXSPIRveScmY6QpHoNiCy2PgrFR9HVAxnJy6U4JJmhEf87gKJbHNO7G2tOf2ggk6s8WOqAAWYD9_52QD23AI9ygQQgHMkcC_F5l3LE8yL5RADAEZaA6H41NZFrTq-r2QuUEmPK&cid=CAQSGwBygQiDhV13juKUlVDGMFnJDBqKPMFPTdWGjBgB

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1017.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f156.1e100.net

Software

cafe /

Resource Hash

3a8b9b8df9246fec21066ff0389edb143b29064f2e3d6e19e416015839eadd91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4674
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4A42 52 KB
17 KB 165ms
38ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1017.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 28 Jun 2023 11:34:36 GMT
ETag: "623de86a-cf34"
Expires: Thu, 29 Jun 2023 11:34:38 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C08C 42 B
64 B 71ms
70ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_VEE8c_9IfDqitByPZXwhp1NaxOO0s2cXDXKzCNTmK5w4jPRV-TzMPgO8SySvBgGkGqsBWRYF3OV715bhuo-BIHN7e_7tITizrjUMlPpTI4KJf7Drhx-DDcldXQd0R0r59ZMlTIFbVeOJ&sai=AMfl-YTf2nwivKtmtK6mvvRENmOZBQ4SaBgr2HAM3KqqISVlVQ6G_Ns_658DDsoa6ZwOK9fXpFUT0PwrOJNJi_Q7BI2m7-5h-MygUc9VyzqihyI2aM1ZT96m1Ne7pt_VLVuf4B2hWVmxToaVR-MWrQ&sig=Cg0ArKJSzM1SqUQrPizwEAE&cid=CAQSTABygQiD3h0ZVGh0IAKsAnHwOM0MH4DdvOE4nlsdiUM29dnx52I3EFKlbOz0qve8iJPwdWCDDMI6sFtxUno8_XfNfDpvXf1o_KNpX_MYAQ&id=ampim&o=281,465&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=406&tls=1406&g=100&h=100&tt=1406&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3216 42 B
64 B 70ms
70ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5J9cOlNpgA94rAsM_C-Y9jIvEBs4mc5ISApMohAJ9T1dWz0zo-JFOhmJ-jkyuCQas8B6aNaLJ0Lacg9x0nu_Sjz70HJuHuTiUR4bRBghrlx1tqiyJiOYhpKTVR24FRTaUzjPqpT4RjsNp&sai=AMfl-YT6IP3Pa3EW0gdtG5im1rNVUn1atVLM7ZOmpKuQs_vUi75PxAzYfpvOc1_Ftw6DJnJsGrcZlnpUIADGtsa42puUMPjsPdSOzoIPcw15PJVj2BxohMtifju_oeMIcod3w5mWh49kQT77EPgnVA&sig=Cg0ArKJSzAoTBeOsdYDGEAE&cid=CAQSTABygQiDG5rpvluk8biOSbUTaP0Hv7gFaVFxes-CsSWNICuLadkgqYVpLNPEGJ0ll2jBHwNApFCdHydVOVm_eg7S3EiRtV3mDEP--sQYAQ&id=ampim&o=1065,425&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=169&tls=1169&g=100&h=100&tt=1169&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B5BE 44 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1017.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

985d9545fa2109107b5f08154a6cef6984a8c8751f75cd9d653c22b04f231eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16093
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 16:37:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Wed, 28 Jun 2023 11:48:08 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B5BE 361 KB
120 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Wed, 28 Jun 2023 11:34:36 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5BE 0
20 B 70ms
70ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init&vps=0.10158577130515778&wt=1687952076697&sdkv=h.3.578.0&xai=AKAOjsvHmuX39rJanYjZqixLIf2qJUsEqzXK6MHZensEwVMPvmitD6Pg56Mz0SbdWvYBPApfCI8orJ3_lz5khvCkj_A71ttARk1d_E4R5xpDzxcPzWuLZ7r2gnPZUOoPpuBeeOe_OOc8MLOf1ajASz5Cr-5lJ_VIQwu-y-3opTahSonJ5bOFNjvgP5PmDg9i1rcUkLhdMw4xNFMlbBGOrLAbjquXRENI1ONYymOn7ANv2CNUqpEr_9liZucuI_eW1z66s8ZbKVr_0e0VPrrLiY2WWJYgFAiE_Ef9ggR-53IhPxvV8nDLYCYnKO7UMVJ1idZWqBnpnxKH3FNr51Gs7S6Lb9wZE8QcMhh5ZWDZDPUzUJR265fkiunEzjea7LJZSusd-g_TkW_wofEOZC-UR5mYB8IyhdZdLkJegeFpV7b01TkLMjOsVLZO6QqcO4TG5Kk5HAttLHQQOPP974ZiVZDrfBvbAgSy609wd39oZn3QV-ATWs6Rzg-_OMxX3G6ND6bv4YCTjsFSy70bJZp28SVugywoEUN9JSNhbKcez7r3f055BrVdSXEprY_TsWRcZxzT3sC5rJYg7M4azkMeMsTa91xgklyfLSwURcI6HG1u132sV6C0kAQ39q_t4YBrtWuMWHPMrz-MNLbRJSM39TjA5_5kpeVqvzyNIklAd0B_IQ02mzcU5usnEDALrcrmSVnUBqL7SwG0oDaQaCUtefvw8WPGm5BoHUftE38SzifbuKO6MGPnXaLb6qnoAwspAvENUoTVee4bAsfjmTHbfsx81w_avOTx2P-uoDnIWXEHGR5waDLsR0Vm5DOFGJ44DujM_Dipc8qj2s8-xlqcfblb6H0qrSTUABsbrId3AFNj7Zgehf8HLcI1ipy_4czpKQXXHWqq98nRTEwYQyCjqkd3JMFAX12YL2jl0ukgcj1CoZh_ElOBn2Ri37gul4cGwSAFpwIJpaPv17eukKBdbOOLLOvmaGlbMuL9tfJE3q-BNm8YBLfs3V4QkJdTlpAQbdBL9vHjU4_U5xyQHm6Epy9fg9VJnxdhXiABz5UD2eAO81wcsDCoRecbhA2c8fU1Jx9c9_jBmTmDYRuoTLOG0T7XArxXXrWinFwSA4Zc-eWTOxKs16X-FCw6A7z1xvDUlJtbNgJ683pYLedIupnprfsPdb9PO6jd1Q&aid=555251631&len=00%3A00%3A15&url=2,https%3A%2F%2Fua-dapamoga24.site%2F$0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;met=1;ecn1=1;etm1=0;eid1=16;
ade.googlesyndication.com/ddm/activity/ Frame 01B6 42 B
401 B 230ms
96ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;met=1;ecn1=1;etm1=0;eid1=16;

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4A42 0
861 B 38ms
37ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:36 GMT
AN-X-Request-Uuid: 527c4631-0f21-495d-be96-4e6ea5a19d40
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
69ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306220101&jk=2576535857942620&bg=!NzSlNGDNAAYQ3eRoMN07ADkAdvg8Whp7nYxermPZ939bHlNvO81Uj-AvUUiU3j9gIiyThV1eOX6qFlBwXAfCnz8118Du0hiZwMkCAAAAi1IAAAAEaAEHCgCCozi65y-dwHkvynfxSNQdsBltKRyJBzVqDTFrrT6Un7K3oB3oitiyZiltOeiN1WH0rkRU56YRFcLhG5rjKB8mFJrevT2CgLoeLwHv6rmn_diH4ZTn6TX2nlj8keEjOIFJVeOx_gxDfvJSWFcTAqSqmJhw5DlrqCwI14StYZ90lu89S5kCq6_6y9s7AUEshqRHcr7aHJwCk2k7inEepMT5B0-mjAJH-MlkUTsB1RovLb-FvJg5h1aQnBp2XuJvtUY5wP3mOJt8UbM8c6qP17Eqe7Ke7vk3Zb8LnOyh_e1kkO-QbIujxcIz3vf-216l6rxueqHiX4sq7Dry6H1Pz2w62ti14Ghryv_s5e4L1SQIc6N896qRS7_TMl_-kvosjGcYIgndPB8okRuzvROfVQn5WfpKgfyqaiiu3x8gqapdGAL1Fhad5ubFebVDCFVNtxWD7hneRstcuz28ziaQCRrSCEKrH4W3okNRMtKJ-gsu-DMNPt2IxgINuOID3ERJdN-5wRxVOqHjSl8_k8ITX7R3E3HW2E4d2x9-TtE30SV5DaES5qBeBwcQm-L8D5CV7FAr6qD4viZTc-Mr_9NgjI97w6XQF_QexdxSlzFqo0fZ9rVix-lUP1PgvYXghH5reddnm90uUvnJDlMo7D17VBRp5cVUDjBYAE2dZ15XMkYHgAM8-HFujTVO9OrjsEqrMRHjvkivo0ehVceEDks2zOM1igNDl3HljkGKrbOBZmGVD2wuEEH6DJEFZ-wIOU5Zz9-eUf0BBcHyjVCdmD_ggYz-RbYFygByzZXq8h9HDm0B_h4i8EDNRlpoW2UAZ7F2Jrj0dpmGVFBct4wFLhwvCAkJCUEyW5JgQXBqLONDBbTS97FvmxETHx8lRaf-1gWIa1No_ko6eXI68IaT_qMks8etecCRIGI0ew1oqCMuUj504e-1rA4SGbVCB3OMNZHBRPVveViWLZbK2HZlmYnzuZeMDPaqoLSbcZImUmVVzKH_xeIoAHzne9ftEMrleJ__SeGQA-A-aNIrDHMZfardvYza8huTxGXiFBFqi5hqfauyYwlUFCr_Ky3FlHOR_k9K-UW9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 49FC 709 KB
226 KB 34ms
33ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 103951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 06:42:05 GMT
expires: Wed, 26 Jun 2024 06:42:05 GMT
last-modified: Wed, 07 Jun 2023 16:35:26 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B5BE 44 KB
16 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 11:34:36 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B5BE 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 49FC 0
17 B 29ms
29ms Ping
image/gif 2a00:1450:4013:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ljfn324z&c=4161993301797&slotId=2080996650898.5&eee=missing-element&bi=missing-id&vast_v=2.0&vmfc=12&vhc=0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c00::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 49FC 0
17 B 29ms
29ms Ping
image/gif 2a00:1450:4013:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ljfn3261&c=4161993301797&slotId=2080996650898.5&fb=ima_html5-lima&sdkv=h.3.578.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&ghmsh_eids=420706098%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782090%2C44782991%2C44788275
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c00::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame B5BE 0
17 B 29ms
29ms Ping
image/gif 2a00:1450:4013:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ljfn3217&c=4161993301797&slotId=2080996650898.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c00::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

32
r4---sn-5hneknek.c.2mdn.net/videoplayback/id/4c00e38f4f4814ea/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818059098/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/4c00e38f4f4814ea/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818059098/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-5hneknek.c.2mdn.net/videoplayback/id/4c00e38f4f4814ea/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818059098/sparams/acao,ctier,expire,id,ip,ipbits,ita...

2 MB
0

128ms
27ms

Media
video/mp4

2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hneknek.c.2mdn.net/videoplayback/id/4c00e38f4f4814ea/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818059098/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2DD0EC7D79FB598401FB17D995A5F12088B3AFA7.0F34FE9A74EF045DF888B4BF7CABC8D64448C875/key/cms1/cms_redirect/yes/mh/SZ/mip/2a00:1630:2:1c03::7/mm/42/mn/sn-5hneknek/ms/onc/mt/1687951431/mv/u/mvi/4/pl/32?cpn=RCwwCC3oEHP-Eafh&file=file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 11:34:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Jan 2023 11:57:24 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2205435/2205436
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2205436
Expires: Wed, 28 Jun 2023 11:34:37 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-5hneknek.c.2mdn.net/videoplayback/id/4c00e38f4f4814ea/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818059098/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2DD0EC7D79FB598401FB17D995A5F12088B3AFA7.0F34FE9A74EF045DF888B4BF7CABC8D64448C875/key/cms1/cms_redirect/yes/mh/SZ/mip/2a00:1630:2:1c03::7/mm/42/mn/sn-5hneknek/ms/onc/mt/1687951431/mv/u/mvi/4/pl/32?cpn=RCwwCC3oEHP-Eafh&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5B28 16 KB
6 KB 106ms
32ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=154125
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Wed, 28 Jun 2023 11:34:37 GMT
expires: Fri, 30 Jun 2023 06:23:22 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8728 16 KB
6 KB 106ms
33ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=154125
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Wed, 28 Jun 2023 11:34:37 GMT
expires: Fri, 30 Jun 2023 06:23:22 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7AD1 281 B
554 B 87ms
26ms Document
text/html 23.2.229.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.229.193 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-229-193.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 11:34:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 1994 37 B
140 B 97ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 28 Jun 2023 11:34:37 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 2C3E 3 KB
2 KB 105ms
34ms Document
text/html 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 539
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7de59f22dbe70e88-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 11:34:37 GMT
expires: Wed, 28 Jun 2023 15:34:37 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8B60 52 KB
17 KB 44ms
43ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 28 Jun 2023 11:34:37 GMT
ETag: "623de86a-cf34"
Expires: Thu, 29 Jun 2023 11:34:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9BAF 52 KB
17 KB 87ms
43ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 28 Jun 2023 11:34:37 GMT
ETag: "623de86a-cf34"
Expires: Thu, 29 Jun 2023 11:34:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 5DCE 3 KB
1 KB 103ms
35ms Document
text/html 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 539
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7de59f22dbe90e88-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 11:34:37 GMT
expires: Wed, 28 Jun 2023 15:34:37 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 0815 37 B
139 B 93ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 28 Jun 2023 11:34:37 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8B60 0
861 B 25ms
25ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
AN-X-Request-Uuid: bd5a3d07-7c92-4b1f-84c9-e430d103468e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7AD1 34 KB
10 KB 38ms
38ms Script
text/html 23.2.229.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.229.193 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-229-193.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b8298bdc22abd73ca7fe6add32f1c38dd697115c4613c716b6a094205fe554ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 11:34:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jun 2023 01:35:22 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=50473
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 29 Jun 2023 01:35:50 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9BAF 0
861 B 25ms
25ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
AN-X-Request-Uuid: 563e3047-b7c3-419f-95c5-aeacdb67fd8c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5B28 3 KB
3 KB 99ms
30ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38823899&p=162179&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 88ee1345be0a7922f136da5fc50bd72852a0b6e2b6f9d70a89848e66b0cc843c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 11:34:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 797F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

34ms
34ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 9cf6f2e0bedb693caeed00c5faff5b76b444945ccd84313864fe0cb5e9bd32ee

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1762
Content-Type: text/html
Date: Wed, 28 Jun 2023 11:34:37 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Wed, 28 Jun 2023 11:34:37 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame DB68
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

34ms
34ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 893da735d4e5f65261f13c9a044c6cf7517d657c2940b20dfe0e40e470e582bd

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1704
Content-Type: text/html
Date: Wed, 28 Jun 2023 11:34:37 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Wed, 28 Jun 2023 11:34:37 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK img Show response
sync.mathtag.com/sync/ Frame F7CF 43 B
443 B 91ms
31ms Document
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master cdg cdg-pixel-x28 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Jun 2023 11:34:37 GMT
Expires: Wed, 28 Jun 2023 11:34:36 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master cdg cdg-pixel-x28 config_version:"1438"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame DCA1
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6788356882018535184

42 B
275 B

26ms
26ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6788356882018535184
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 11:34:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6788356882018535184
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F699
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

174ms
25ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 11:34:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:34:37 GMT
expires: Wed, 28 Jun 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 941968
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 5141
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628313696389

42 B
275 B

55ms
28ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628313696389
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 11:34:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Wed, 28 Jun 2023 11:34:37 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628313696389
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame AE48
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

202ms
202ms

Document
image/gif

54.239.33.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Jun 2023 11:34:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: B994EXDAHACTMFY0PG52

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 28 Jun 2023 11:34:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: RHX36MB5T4WMFKAJ2TVN

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5B28
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dv_ofBxpTEK04PQtS3gLQQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

63ms
61ms

Image
text/html

23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:37 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=154125
accept-ranges: bytes
content-length: 5554
expires: Fri, 30 Jun 2023 06:23:22 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 5B28 49 B
265 B 644ms
542ms Image
image/gif 52.31.229.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.229.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-229-177.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.41
content-length: 49
expires: 0

GET
H2

204

cr
cr.frontend.weborama.fr/ Frame 5B28
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3423810417

0
45 B

270ms
269ms

Image
text/plain

34.111.129.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3423810417
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.129.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:36 GMT
via: 1.1 google
last-modified: Wed, 28 Jun 2023 11:34:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:36 GMT
via: 1.1 google
last-modified: Wed, 28 Jun 2023 11:34:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3423810417
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200

p
a.audrte.com/ Frame 5B28
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=76FFE87C-1C69-4C42-B4E0-F42D4B780B41
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTk5emRrS0Vib0JUTWlNcEt1U0lTVVhFZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=5649857037646172335&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

104ms
103ms

Image
image/png

52.72.63.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: HTTP/1.1
Server: 52.72.63.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-63-169.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 11:34:38 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Wed, 28 Jun 2023 11:34:38 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5B28
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzZGRkU4N0MtMUM2OS00QzQyLUI0RTAtRjQyRDRCNzgwQjQx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

107ms
27ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 11:34:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5B28
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO33FARl0W91zN96cAJKXjI&google_cver=1

42 B
299 B

120ms
29ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO33FARl0W91zN96cAJKXjI&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 11:34:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO33FARl0W91zN96cAJKXjI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 5B28 43 B
611 B 111ms
43ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 27 Jun 2023 11:34:37 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5B28
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5649857037646172335

42 B
324 B

26ms
26ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5649857037646172335
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 11:34:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5649857037646172335
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5B28 70 B
264 B 243ms
142ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7AD1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI4j3HoffOgrGUiN-xsL9zU&google_cver=1

0
239 B

167ms
33ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI4j3HoffOgrGUiN-xsL9zU&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI4j3HoffOgrGUiN-xsL9zU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7AD1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UWd4zDbHQq-SWOgFaAilxQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=UWd4zDbHQq-SWOgFaAilxQ

43 B
479 B

47ms
46ms

Image
image/gif

54.239.33.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=UWd4zDbHQq-SWOgFaAilxQ

Protocol

HTTP/1.1

Server

54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:38 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SR80RR7GWXBARWWBRRJB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=UWd4zDbHQq-SWOgFaAilxQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7AD1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_nHluJ4aQn2fgUlRBLEKyg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_nHluJ4aQn2fgUlRBLEKyg

43 B
479 B

110ms
110ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_nHluJ4aQn2fgUlRBLEKyg

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:38 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QYKE1DT4V7HCX5ZT37NM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_nHluJ4aQn2fgUlRBLEKyg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7AD1
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpGTjJaWEgtMTItSVI4Mg==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIbITnF5IGADu1qjSpE7fhE&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGTjJaWEgtMTItSVI4Mg==&google_push=

170 B
188 B

47ms
41ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGTjJaWEgtMTItSVI4Mg==&google_push=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGTjJaWEgtMTItSVI4Mg==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 7AD1 70 B
264 B 201ms
141ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 7AD1
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJFN2ZXH-12-IR82

0
649 B

201ms
131ms

Image
text/plain

2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJFN2ZXH-12-IR82
Protocol: H2
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:37 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1330025F7C7D4351871A80241847701C Ref B: LON212050702027 Ref C: 2023-06-28T11:34:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/Lvf+rBk2ohTI/T0XlQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJFN2ZXH-12-IR82
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AD1
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGVkNjFiYTg1MjdkNGMxMzBiYTBlYmZiMjMyMTVjMTA2NjRhN2JjYw

170 B
243 B

42ms
41ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGVkNjFiYTg1MjdkNGMxMzBiYTBlYmZiMjMyMTVjMTA2NjRhN2JjYw

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGVkNjFiYTg1MjdkNGMxMzBiYTBlYmZiMjMyMTVjMTA2NjRhN2JjYw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7AD1
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/bJyViYxdHB_DMlnCxADyGsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-djvR.u5E2oIbndXtkFn1_cmStszqLhgJov1Jfg--~A

0
239 B

33ms
33ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-djvR.u5E2oIbndXtkFn1_cmStszqLhgJov1Jfg--~A
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 28 Jun 2023 11:34:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-djvR.u5E2oIbndXtkFn1_cmStszqLhgJov1Jfg--~A
content-length: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 797F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazXHNMc4oylTTzLrjpAAAFH8AAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazXHNMc4oylTTzLrjpAAAFH8AAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

125ms
122ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazXHNMc4oylTTzLrjpAAAFH8AAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FZ11026B856TGAK67JVM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VGGAQXBC4D8V16BKB011
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazXHNMc4oylTTzLrjpAAAFH8AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 797F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJwazXHNMc4oylTTzLrjpAAAFH8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHMmk8AE1Ec3C1PhACz0HZM&google_cver=1

43 B
766 B

62ms
62ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHMmk8AE1Ec3C1PhACz0HZM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHMmk8AE1Ec3C1PhACz0HZM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 797F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJwazWKD0MFh8um0LxT-mQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECGnNEnoVZJQi0Gd5mNDnfs&google_cver=1

43 B
632 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECGnNEnoVZJQi0Gd5mNDnfs&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECGnNEnoVZJQi0Gd5mNDnfs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 797F 70 B
264 B 175ms
142ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 797F
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7412251016812295724

43 B
632 B

34ms
34ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7412251016812295724
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

Date: Wed, 28 Jun 2023 11:34:38 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fcf7a308-f29d-484d-95c4-c4e7811243fb
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7412251016812295724
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 797F
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F4609A958A8D4D2AA6574D48428B2DAE

43 B
632 B

162ms
34ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F4609A958A8D4D2AA6574D48428B2DAE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

date: Wed, 28 Jun 2023 11:34:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F4609A958A8D4D2AA6574D48428B2DAE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 27 Jun 2023 11:34:37 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 797F
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7505688636749568525

43 B
632 B

80ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7505688636749568525
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7505688636749568525
pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 797F
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZJwazXHNMc4oylTTzLrjpAAA%265247&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3b4102d8-8b08-4425-a6d7-720fad7eb3b9-tuctb95a04d

43 B
632 B

33ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3b4102d8-8b08-4425-a6d7-720fad7eb3b9-tuctb95a04d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3b4102d8-8b08-4425-a6d7-720fad7eb3b9-tuctb95a04d
date: Wed, 28 Jun 2023 11:34:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 52014

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 797F 43 B
354 B 189ms
33ms Image
image/gif 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZJwazXHNMc4oylTTzLrjpAAA%265247
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:37 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 65507
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7de59f25390f2868-AMS
content-length: 43
expires: Thu, 29 Jun 2023 11:34:37 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DB68
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJwazWKD0MFh8um0LxT-mQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECGnNEnoVZJQi0Gd5mNDnfs&google_cver=1

43 B
632 B

33ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECGnNEnoVZJQi0Gd5mNDnfs&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECGnNEnoVZJQi0Gd5mNDnfs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame DB68 70 B
265 B 179ms
140ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame DB68
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazWKD0MFh8um0LxT_mQAACHoAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazWKD0MFh8um0LxT_mQAACHoAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

110ms
110ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazWKD0MFh8um0LxT_mQAACHoAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:38 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QFC0RT65XYFN1SB4YDG8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R1Y49YW3JQ86RSJ1ZBFN
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJwazWKD0MFh8um0LxT_mQAACHoAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame DB68
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJwazWKD0MFh8um0LxT_mQAACHoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHMmk8AE1Ec3C1PhACz0HZM&google_cver=1

43 B
632 B

59ms
59ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHMmk8AE1Ec3C1PhACz0HZM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHMmk8AE1Ec3C1PhACz0HZM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DB68
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=cAU8HHdQZhtrCGRNdVcoTH8JYUtrAjMdcAlHMPtA

43 B
632 B

61ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=cAU8HHdQZhtrCGRNdVcoTH8JYUtrAjMdcAlHMPtA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=cAU8HHdQZhtrCGRNdVcoTH8JYUtrAjMdcAlHMPtA
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame DB68 0
187 B 178ms
24ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 28 Jun 2023 11:34:36 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DB68
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
632 B

32ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DB68
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1703763277&external_user_id=41d29525-1b46-493d-8ed1-8cb1bb24bf5f

43 B
632 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1703763277&external_user_id=41d29525-1b46-493d-8ed1-8cb1bb24bf5f
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

date: Wed, 28 Jun 2023 11:34:37 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1703763277&external_user_id=41d29525-1b46-493d-8ed1-8cb1bb24bf5f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame DB68 43 B
102 B 188ms
34ms Image
image/gif 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZJwazWKD0MFh8um0LxT-mQAA%262170
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fua-dapamoga24.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:37 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 65507
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7de59f2539112868-AMS
content-length: 43
expires: Thu, 29 Jun 2023 11:34:37 GMT

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 49FC 43 B
66 B 68ms
68ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 09:22:32 GMT
x-content-type-options: nosniff
age: 7925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 09:22:32 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 49FC 42 B
64 B 174ms
173ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvui5ng7o1mdo6JRzEYEm1XCxfG6frhp8hXJjtMU7TDuFgda0NaqKi-iOgpnVhvCZCeXTSwfypGc9wyMYVOw9oAq_xzH0vg&sig=Cg0ArKJSzOjg4z0ICtbDEAE&id=lidarv&acvw=sv%3D954%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1698,325,2058,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,5878%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D90%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D588092386%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1687952076812%26ptlt%3D1687952077469%26pngs%3D9,14,15%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1687952077021&avm=1

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;av=1;acvw=sv%3D954%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1698,325,2058,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26a...
ade.googlesyndication.com/ddm/activity/ Frame 49FC 42 B
107 B 133ms
132ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;av=1;acvw=sv%3D954%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1698,325,2058,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,5878%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D90%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D588092386%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1687952076812%26ptlt%3D1687952077471%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1687952077021;dc_rfl=2,https%253A%252F%252Fua-dapamoga24.site%252F%240;ecn1=0;etm1=0;eid1=210001;

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;av=1;acvw=sv%3D954%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1698,325,2058,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26...
ade.googlesyndication.com/ddm/activity/ Frame 49FC 42 B
107 B 136ms
134ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;av=1;acvw=sv%3D954%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1698,325,2058,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D28%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D28%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D28%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D90%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D588092386%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1687952076812%26ptlt%3D1687952077473%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1687952077021;ecn1=0;etm1=0;eid1=210006;

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a2-18-160-221.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 01B6 0
482 B 233ms
69ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2duQhsZGnQTaGh7F8oX2gWM5MiyLHayBMvglTx6ktPJ_7jyX-iSpw0jXKlCxHpXzh-GshqU1Jgf9YEouccqv9dyCD9aJDpOTOTpNSx5YD7TtYWtTaZEwt9N4XHBOBjU-S3zJBBJGdf7Irk6t23OeNx7Xe&sai=AMfl-YR3jFjoQDMBbomdgWbUqAuOlKhwtpJrS5xRGwDs8Rlr-T3DOFSa1Se9U05JsKdjzZAkv9jLrtoEEAF34OiYG6ZZB7nhQ4LmQjlZPQ&sig=Cg0ArKJSzGFtFrPwA_FDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

googlegdn_sync
x.dlx.addthis.com/e/ Frame 01B6
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-YjQEQwOyLpAQY1qug5gEgATAB&v=APEucNXjUEG2o5lgisGACbeas-PpXkMylrLcWfJau6sHVziyqWG0t_N97OaUnSWb5lHtqjMPGXWyVRo7UOMX5_qxyGbLBrRIYw
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEJko1g8NwBrA8NZVdFXuuiE&google_cver=1

43 B
182 B

631ms
183ms

Image
image/gif

2.18.160.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEJko1g8NwBrA8NZVdFXuuiE&google_cver=1

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Server

2.18.160.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Wed, 28 Jun 2023 11:34:38 GMT
pragma: no-cache
date: Wed, 28 Jun 2023 11:34:38 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEJko1g8NwBrA8NZVdFXuuiE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 293
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/video/236/ 117 KB
35 KB 167ms
26ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/video/236/trk.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1017.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 070445e13ba241dcb5f59c584cbe0f38afe504756e6c7f33cd3b34ca91c96fb1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Fri, 14 Jun 2024 13:01:03 GMT
Date: Wed, 28 Jun 2023 11:34:37 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1118014
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 35440
X-Served-By: cache-lga21960-LGA, cache-ams21045-AMS
Last-Modified: Thu, 15 Jun 2023 12:59:54 GMT
Server: AkamaiNetStorage
X-Timer: S1687952078.639246,VS0,VE0
ETag: "d131810c91a9568df9962cceba9a1a81:1686833994.127456"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 18, 157641

GET
H2 200 dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ Frame 01B6 42 B
107 B 130ms
122ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;met=1;ecn1=1;etm1=0;eid1=11;

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ 0
933 B 73ms
69ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fnv.ua%2Fukr%2Fukraine%2Fevents%2Fdopomoga-vid-oon-2023-roci-hto-otrimaye-2-220-grn-i-yak-podati-zayavku-50334088.html&e=wqT_3QKDDeiDBgAAAwDWAAUBCMu18KQGEKqes5iPw_KhRRgAKjYJWjDxR1EHB0ARdUtAhm1n6z8ZAAAAIFyPCkAhdQ0SBClZDSTYMQAAAIDrUdg_MP3wnw442kxAoAtIZVDu2czOAVjsmJwBYABonpC9AXjv9AWAAQGKAQNVU0SSAQEG8DyYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAum6SuoCdWh0dHBzOi8vbnYudWEvdWtyAQT0uwVhaW5lL2V2ZW50cy9kb3BvbW9nYS12aWQtb29uLTIwMjMtcm9jaS1odG8tb3RyaW1heWUtMi0yMjAtZ3JuLWkteWFrLXBvZGF0aS16YXlhdmt1LTUwMzM0MDg4Lmh0bWyAAwCIAwGQAwCYAxegAwGqA4gHCtEGaHR0cHM6Ly9hZHguZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1Da0FFU3l4cWNaTFB1TElXaS1nYTdncDlnMFpyRnFuR3VtT1NScWhIb2stbnN0em9RQVNEbWw5WWxZSkdFb0lXTUdNZ0JCYWtDQndJVnliQmVzajZvQXdISUF4T1lCQUNxQk5JQlQ5QmlRVFd2UVhEbzgxZE4xalpOYjQ4Y1pIN3hxekczRFZnbGFVWS0xV1JLblFnQ3d3c3BlS09Ta3FGNHNmdzRrS2lPUzh3bDBxUmY3eFF3eEVzYlNnQ3k4ZWtWYUd2OGNoTVVPZ1RnRXRfRXh2eXNUUm1xRVd2eWN6MUh4X0F3czRUQnZkWlZ2Rm1LUlV5Q0hZZFB5SDJCa3lrZU9RMTVyOFo2QVhWeVVIeTl1LWhIVFFnbU4wWHdiQUdsOHkzZF9BbEVuRkozU0pxdlI3b1ZoUDhqTmtQNHFqWEljdkFweEdWSXQ0Xzd4RGhZc3NKMjF1SFBucW1yTElQLXp6TktOUU11V2lfSmVrSjB4eXNheThpUzRiRzR3QVRlcmFPdnF3VGdCQU9JQmZQWW5NUktrZ1VHQ0IwUUJCZ0JrZ1VHQ0IwUUFSZ0JrZ1VHQ0I0UUFSZ0JrQVlCb0FaT2dBZTB3Y183QTZnSGpzNGJxQWVUMkJ1b0ItNldzUUtvQl82ZXNRS29CNlNqc1FLb0I5WEpHNmdIcHI0YjJBY0E4Z2NORU8zWXJ3RVkxcXVnNWdFZ0JOSUlGZ2lBNFlBUUVBRVlYeklDcWdJNkFvQkFTTDM5d1RyeUNBNWlhV1JrWlhJdE5qQTFPVEV4TW9BS0JNZ0xBYkFUd3B6c0U4Z1QwZkMwNGdQUUV3RFlFd09JRkFUWUZBSFFGUUdBRndHeUZ3Z0tCZ2dBRWdBWUFBJnNpZ2g9eGd6N0ItMzJ6UEkmY21kPUNoZGpZUzF3ZFdJdE16QTNOamc1TURBeE1qYzBNVFEyTnhBQUdBRSZ1YWNoX209W1VBQ0hdJmNpZD1DQVFTR3dCeWdRaURoVjEzanVLVWxWREdNRm5KREJxS1BNRlBUZFdHakJnQiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM0OTkxMDU1MDIwNTYyMzcwMzQ2Igk0MzMyNjk5OTgqBzIzMTMyMzE6CTQ4Mjg3NDgzOMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTAuMTQyqAQAsgQOCAAQARgAIAAoAjAAOAK4BADABADIBADaBAIIAeAEAPAE7tnMzgGIBQGYBQCgBeTPu-rQ092iEMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBb8M-gUECAAQAJAGAZgGAKIGDjk4MTgjQU1TMzo2MDg5uAYAwQYAAAAAAADwP9AGoE7aBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYE8gaHAQjU9WMSgAFlaFQzV2xvQUFBQURBQWtDQlFFSTR0U0JDaENVc2M0REdMNlktQU1nQnlnQVFOVEYzZ3BJMWNYZUNsRHhRMWpKTDNFQUFBQUFBQUFBQUhnQWdRRUFBQUFBQUFBQUFJZ0JBSkFCQUpvQkFnZ0FxQUVBc1FFQUFBQUFBQUFBQUEuLoAHAYgHAKAHQKoHCzIwMDA3MzAwMjExyAfv9AXSBw0JAAAAAACAS0AQABgA2gcGCAAQABgA4AcA6gcCCADwB4KeOIoIAhAAlQgAAIA_mAgA&s=13b38ca5e3f4c7029e2ed41bf2114b0e50a2af95

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
AN-X-Request-Uuid: 0e670603-f90e-42d6-86d9-92b21dfc5412
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK nop
ib.adnxs.com/ 0
861 B 74ms
69ms Image
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/nop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
AN-X-Request-Uuid: 57487fdd-bc25-4208-855c-44dc5afaa93d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 132ms
132ms Preflight 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://ua-dapamoga24.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 28 Jun 2023 11:34:37 GMT
x-amzn-RequestId: d7952aee-9e9a-6955-8a83-37e30bf47120

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
558 B 119ms
117ms Fetch
application/x-amz-json-1.1 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 89c962b513c16cd7cfef647017fd909f9fe21689d65f34ad3876ddc099deab3c

Request headers

Referer: https://ua-dapamoga24.site/
X-Amz-Target: Kinesis_20131202.PutRecord
accept-language: nl-NL,nl;q=0.9
X-Amz-Date: 20230628T113437Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20230628/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=6b717e8625580c11ecb7d0867feccfc01f4078c8d0475e845fa3c6f2e7ae1a46
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 28 Jun 2023 11:34:37 GMT
x-amzn-RequestId: ef8b9f74-5a90-a637-b29d-8279cffebe42
Content-Length: 110
x-amz-id-2: 2lh3VBbDIuq2WBXSn2Ks2IZjM9+yODXNXfL+YHjeiKggFUd1SPQL4JBm9anlrfbTMpi6drV40YFwD2uWyo2LWlWA9A9eeO+fqWt6j6omao0=
Content-Type: application/x-amz-json-1.1

POST
H2 200 video_ad_session
ym-tack.b-cdn.net/ 0
0 111ms
110ms Ping
text/html 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/video_ad_session?NVR;desktop;;NVR_VIDEO;Chrome;114.0.5735.198;;8438022509507768;page_desktop;NL
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 90ms
89ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ua-dapamoga24.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 124ms
124ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2576535857942620&correlator=832670545883214&hxva=1&scor=937612953216115&eid=31073863%2C31075615%2C31074824&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=21899553449%2CNVR_DESKTOP_VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&adks=618418264&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26hb_pb_dynamic%3D0.85%26hb_pb%3D0.85%26hb_bidder%3Dappnexus&sc=1&cookie=ID%3D9f6ed587dfee2aff%3AT%3D1687952074%3ART%3D1687952074%3AS%3DALNI_MY6J9-qnm_-scMqnNgAQJWYIFlEjA&gpic=UID%3D00000c5e95ce5e93%3AT%3D1687952074%3ART%3D1687952074%3AS%3DALNI_MbdV-HD3pDKScAPlyyQOikiPPiaIw&abxe=1&dt=1687952077503&lmt=1687952077&dlt=1687952073329&idt=772&adxs=10&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fua-dapamoga24.site%2F&frm=20&vis=1&psz=1600x5864&msz=0x-1&fws=512&ohw=0&ga_vid=1970455335.1687952074&ga_sid=1687952074&ga_hid=1091357588&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72e77373ac3f953d6da40ee4f10f07de9f369a90123f5bfac9462dc373c7fb17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11870
x-xss-protection: 0
google-lineitem-id: 6204754713
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138418411786
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK v2
ams3-ib.adnxs.com/vast_track/ 0
933 B 109ms
55ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/vast_track/v2?info=aAAAAAMArgAFAQnMGpxkAAAAABEqzwzzGMpDRRnLGpxkAAAAACDu2czOASgAMKALONpMQK2ugAFI6OjxAlD98J8OWL8MYgItLWgBcAF4AIABAIgBAJABAJgBAKABAKgB7tnMzgGwAQE.&s=f9c4ede4c07c5dcbe311b9bafdb5902997441865&event_type=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
AN-X-Request-Uuid: 8b83c15d-492e-4a40-b2a2-7fca63a7a112
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 video_new
ym-tack.b-cdn.net/ 0
0 90ms
90ms Ping
text/html 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/video_new?NVR;desktop;;NVR_VIDEO;Chrome;114.0.5735.198;8438022509507768;/nvr/ukr_desktop/nv-own8-14403-20230626-desktop.mp4
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 container.html Show response
1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6112 6 KB
3 KB 36ms
33ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ua-dapamoga24.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:34:34 GMT
expires: Thu, 27 Jun 2024 11:34:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=45je36q0&_p=1091357588&cid=1970455335.1687952074&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1687952073&sct=1&seg=0&dl=https%3A%2F%2Fua-dapamoga24.site%2F&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D0%B2%D1%96%D0%B4%20%D0%9E%D0%9E%D0%9D%202023%20%D1%80%D0%BE%D1%86%D1%96%20-%20%D1%85%D1%82%D0%BE%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%94%202%E2%80%89220%20%D0%B3%D1%80%D0%BD%20%D1%96%20%D1%8F%D0%BA%C2%A0%D0%BF%D0%BE%D0%B4%D0%B0%D1%82%D0%B8%20%D0%B7%D0%B0%D1%8F%D0%B2%D0%BA%D1%83%20%2F%20NV&en=Web%20Vitals&ep.is_paywall=0&epn.top_category_id=2283&ep.is_infinite=false&ep.is_evergreen=0&ep.paywall_user_id=0&ep.paywall_subscription=none&epn.EditorId=2000269&ep.allowLinker=true&ep.eventAction=TTFB&epn.eventValue=371&ep.eventLabel=https%3A%2F%2Fua-dapamoga24.site%2F&_et=245
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ua-dapamoga24.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK rd_log
ams3-ib.adnxs.com/ 0
958 B 46ms
46ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fnv.ua%2Fukr%2Fukraine%2Fevents%2Fdopomoga-vid-oon-2023-roci-hto-otrimaye-2-220-grn-i-yak-podati-zayavku-50334088.html&e=wqT_3QL8Bej8AgAAAwDWAAUBCMu18KQGEKqes5iPw_KhRRgAKjYJWjDxR1EHB0ARdUtAhm1n6z8ZAAAAIFyPCkAhdQ0SBClZDSTYMQAAAIDrUdg_MP3wnw442kxAoAtIZVDu2czOAVjsmJwBYABonpC9AXjv9AWAAQGKAQNVU0SSAQEG8DyYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAum6SuoCdWh0dHBzOi8vbnYudWEvdWtyAQT0SAFhaW5lL2V2ZW50cy9kb3BvbW9nYS12aWQtb29uLTIwMjMtcm9jaS1odG8tb3RyaW1heWUtMi0yMjAtZ3JuLWkteWFrLXBvZGF0aS16YXlhdmt1LTUwMzM0MDg4Lmh0bWyAAwCIAwGQAwCYAxegAwGqAwDAA-CoAcgDANgDorhW4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTAuMTQyqAQAsgQOCAAQARgAIAAoAjAAOAK4BADABADIBADaBAIIAeAEAPAE7tnMzgGIBQGYBQCgBeTPu-rQ092iEMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBb8M-gUECAAQAJAGAZgGAKIGDjk4MTgjQU1TMzo2MDg5uAYAwQYAAAAAAADwP9AGoE7aBhYKEAAAAAAAAA1L8FgAAAAQABgA4AYE8gaHAQjU9WMSgAFlaFQzV2xvQUFBQURBQWtDQlFFSTR0U0JDaENVc2M0REdMNlktQU1nQnlnQVFOVEYzZ3BJMWNYZUNsRHhRMWpKTDNFQQE9BQEUSGdBZ1FFBQsFAUxJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gAIhBLi6ABwGIBwCgB0CqBwsyMDAwNzMwMDIxMcgH7_QF0gcNCQG2DACAS0ABugzaBwYICcNkBwDqBwIIAPAHgp44iggCEACVCAAAgD-YCAE.&s=a001a9d0919b180619c6fa2c1f882c1215eb0fda&bdref=https%3A%2F%2Fua-dapamoga24.site%2F&bdtop=true&bdifs=0&bstk=https%3A%2F%2Fua-dapamoga24.site%2F

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/video/236/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
AN-X-Request-Uuid: a886a90b-7024-43e4-bc85-81f6f4a05d5d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ 0
958 B 33ms
32ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fnv.ua%2Fukr%2Fukraine%2Fevents%2Fdopomoga-vid-oon-2023-roci-hto-otrimaye-2-220-grn-i-yak-podati-zayavku-50334088.html&e=wqT_3QKFDeiFBgAAAwDWAAUBCMu18KQGEKqes5iPw_KhRRgAKjYJWjDxR1EHB0ARdUtAhm1n6z8ZAAAAIFyPCkAhdQ0SBClZDSTYMQAAAIDrUdg_MP3wnw442kxAoAtIZVDu2czOAVjsmJwBYABonpC9AXjv9AWAAQGKAQNVU0SSAQEG8DyYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAum6SuoCdWh0dHBzOi8vbnYudWEvdWtyAQT0vQVhaW5lL2V2ZW50cy9kb3BvbW9nYS12aWQtb29uLTIwMjMtcm9jaS1odG8tb3RyaW1heWUtMi0yMjAtZ3JuLWkteWFrLXBvZGF0aS16YXlhdmt1LTUwMzM0MDg4Lmh0bWyAAwCIAwGQAwCYAxegAwGqA4gHCtEGaHR0cHM6Ly9hZHguZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1Da0FFU3l4cWNaTFB1TElXaS1nYTdncDlnMFpyRnFuR3VtT1NScWhIb2stbnN0em9RQVNEbWw5WWxZSkdFb0lXTUdNZ0JCYWtDQndJVnliQmVzajZvQXdISUF4T1lCQUNxQk5JQlQ5QmlRVFd2UVhEbzgxZE4xalpOYjQ4Y1pIN3hxekczRFZnbGFVWS0xV1JLblFnQ3d3c3BlS09Ta3FGNHNmdzRrS2lPUzh3bDBxUmY3eFF3eEVzYlNnQ3k4ZWtWYUd2OGNoTVVPZ1RnRXRfRXh2eXNUUm1xRVd2eWN6MUh4X0F3czRUQnZkWlZ2Rm1LUlV5Q0hZZFB5SDJCa3lrZU9RMTVyOFo2QVhWeVVIeTl1LWhIVFFnbU4wWHdiQUdsOHkzZF9BbEVuRkozU0pxdlI3b1ZoUDhqTmtQNHFqWEljdkFweEdWSXQ0Xzd4RGhZc3NKMjF1SFBucW1yTElQLXp6TktOUU11V2lfSmVrSjB4eXNheThpUzRiRzR3QVRlcmFPdnF3VGdCQU9JQmZQWW5NUktrZ1VHQ0IwUUJCZ0JrZ1VHQ0IwUUFSZ0JrZ1VHQ0I0UUFSZ0JrQVlCb0FaT2dBZTB3Y183QTZnSGpzNGJxQWVUMkJ1b0ItNldzUUtvQl82ZXNRS29CNlNqc1FLb0I5WEpHNmdIcHI0YjJBY0E4Z2NORU8zWXJ3RVkxcXVnNWdFZ0JOSUlGZ2lBNFlBUUVBRVlYeklDcWdJNkFvQkFTTDM5d1RyeUNBNWlhV1JrWlhJdE5qQTFPVEV4TW9BS0JNZ0xBYkFUd3B6c0U4Z1QwZkMwNGdQUUV3RFlFd09JRkFUWUZBSFFGUUdBRndHeUZ3Z0tCZ2dBRWdBWUFBJnNpZ2g9eGd6N0ItMzJ6UEkmY21kPUNoZGpZUzF3ZFdJdE16QTNOamc1TURBeE1qYzBNVFEyTnhBQUdBRSZ1YWNoX209W1VBQ0hdJmNpZD1DQVFTR3dCeWdRaURoVjEzanVLVWxWREdNRm5KREJxS1BNRlBUZFdHakJnQiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM0OTkxMDU1MDIwNTYyMzcwMzQ2Igk0MzMyNjk5OTgqBzIzMTMyMzE6CTQ4Mjg3NDgzOMAD4KgByAMA2AOiuFbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1MC4xNDKoBACyBA4IABABGAAgACgCMAA4ArgEAMAEAMgEANoEAggB4AQA8ATu2czOAYgFAZgFAKAF5M-76tDT3aIQwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvwz6BQQIABAAkAYBmAYAogYOOTgxOCNBTVMzOjYwODm4BgDBBgAAAAAAAPA_0AagTtoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgTyBocBCNT1YxKAAWVoVDNXbG9BQUFBREFBa0NCUUVJNHRTQkNoQ1VzYzRER0w2WS1BTWdCeWdBUU5URjNncEkxY1hlQ2xEeFExakpMM0VBQUFBQUFBQUFBSGdBZ1FFQUFBQUFBQUFBQUlnQkFKQUJBSm9CQWdnQXFBRUFzUUVBQUFBQUFBQUFBQS4ugAcBiAcAoAdAqgcLMjAwMDczMDAyMTHIB-_0BdIHDQkAAAAAAIBLQBAAGADaBwYIABAAGADgBwDqBwIIAPAHgp44iggCEACVCAAAgD-YCAE.&s=5ed98233d7802fbaa0d300597add172562933b33&type=nv&nvt=5&jm=1320|1003&px=325&py=1698&bw=640&bh=360&sid=6756508461659000563&vd=ct~0|pn~anxvvapi_1|rr~0&sv=236&tv=vh2-138-anwrapper&ua=chrome52&pl=win&x=video&sw=1600&sh=1200&pw=1600&ph=5878&ww=1600&wh=1200&cd=15&ft=0

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/video/236/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
AN-X-Request-Uuid: b2dbef48-1cf8-4255-9530-78f3a5374a77
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ua-dapamoga24.site
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4A42 0
861 B 25ms
25ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:37 GMT
AN-X-Request-Uuid: 960d190f-f3bf-4e67-9fa7-d48ff1b387f5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6112 24 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com
URL: https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 318548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Jun 2024 19:05:29 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6112 26 KB
9 KB 157ms
157ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: 1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com
URL: https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 11:34:37 GMT
x-content-type-options: nosniff
content-encoding: br
age: 37972
x-jsd-version: 1.15.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9276
x-served-by: cache-fra-eddf8230064-FRA, cache-bom4726-BOM
x-jsd-version-type: version
etag: W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6112 179 KB
56 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com
URL: https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 11:34:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6112 0
0 98ms
98ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGYJvh48rsIyf-gHL5moWDiPps6HFDjaOW0CH6R4d8vFUrZER6yD_T81w21vq521lidreMXDPpai3jKq_G583CnUzRXJ2veaLrD--tddA7zXw_FltodFW69YyjcHZLU1oGN-HhVvEjtzc2BawvYdbXreGcEAGK3lI7F8DeyYLntBvdUWZZ11z-Zdlte9ne6WxJdXnrOu3JJUm1XjgB2XIWzkT_JV55x4VGEvJfRqtrbc09eHSJEpx58xxIr5uzcAMdkMTaqqi5ns3ZvdUDjd_Tw-1q5XV5VM_1xy-_LPKqS5xti6cVsG_FfvwnnDKBAIAXJLoSBo8DPZxdR19KT2ndNBoK&sai=AMfl-YT1NBhhkRvNlnANqTWTH_M2CiQ4YgiZB_eRtbBPRN8-nm0XGX3msZDQ2Qi4-yhBfAboe3sDFKte80iwvVb3_0xYyYotXu37qplBTqKg_g_eofoxllRUiX91M5c8hTE&sig=Cg0ArKJSzFbQ9G7M5DcHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com
URL: https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6112 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c30890bafa7e1cf2e8d9135baa3747486e1c816327499104e6262eae3919033

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6112 0
0 100ms
99ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvA4ajtA9dOitJ5r5NmIjJ0mQpO-Zmt1rYlDt_pqMaiY6fBirpdSD58Ncy-WtQt5JIhpbWyRTz7K7jiZHyBQ4XnRYD18IJugoAYHxi_GHv1_5R1ymnAhhR2d33KKOOXa9PRp_1ZOOHXNsRAwiSgKBwhKuYuohkGmSimW7jRoqqZcvEWZJiz7GHrt8p413_HPphVJ5euPJNBNj8br3q-Mp6Rmeky5LNmCQ-kTHg7t0rt6DdDT88A9I8lQkMRosr3gCIVxYg3L1wYdZAdzHXpYq9FQ2x-jUdZxt_8g-dn_ESPLdlj1cTFBbfhJEsUk7bZ0fbUMfjJiWM69dIZBv8xo1kfJutfyJk&sai=AMfl-YQRQluXmDgUNqO75BaQx8Ab4uIedCRWj7n631xsJUc_V9qnpj4ulXc0GRwlSXd1YL3MXYFkAYpeMTnzK-trsfWQzUKC8CH1IYr63pbr4XHccdkMA2RAsTHJ7RbMSfo&sig=Cg0ArKJSzCozHeJmMCzIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jun 2023 11:34:38 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 49FC 0
17 B 30ms
29ms Ping
image/gif 2a00:1450:4013:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~ljfn326r&c=4161993301797&slotId=2080996650898.5&fb=ima_html5-lima&sdkv=h.3.578.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&gpm_i=12&gpm_c=12&gpm_a=11&smb=1000&br=978&mt=video%2Fmp4&vs=640x360&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&met.4=ff.ljfn32jj
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c00::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8B60 0
861 B 27ms
26ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:38 GMT
AN-X-Request-Uuid: 740e6096-4d3b-4548-9286-0c6251b36caa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9BAF 0
861 B 95ms
94ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:34:38 GMT
AN-X-Request-Uuid: 698657e9-5d48-4365-8a90-678b9cfd225a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6112 42 B
174 B 69ms
68ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuk7MyvhmQp-rT7T9TX_qspmQDUsNUzMEQgs7CP7WsJLVuEcvNoFP3FUAJ6Cewwsa_LbxawZFrFr_8DYhHzC1b6FDANUYRCL39tEJBkYwiD5G6fBb9G&sig=Cg0ArKJSzGhm739f_kawEAE&id=lidar2&mcvt=1000&p=26,10,27,11&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=618418264&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687952077641&rpt=323&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1031f058c9d6504bed69f3fb28367e3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 5B28 0
260 B 137ms
47ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=162179&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:38 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8728 2 KB
2 KB 31ms
31ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62355977&p=162179&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a21ee7a6a44584bae19727d60f2121db455b4305ddb8d08dfd27e3964cd11b14

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 28 Jun 2023 11:34:39 GMT
content-length: 1910
content-type: text/html; charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 2AFA 35 B
591 B 47ms
46ms Document
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 28 Jun 2023 11:34:40 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 1ED3
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=G01JuRwYE74AQBHoHh9d6RRBFO4ASka4G0HjCSBY

42 B
422 B

36ms
36ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=G01JuRwYE74AQBHoHh9d6RRBFO4ASka4G0HjCSBY
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 11:34:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-store, proxy-revalidate
content-length: 0
date: Wed, 28 Jun 2023 11:34:40 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=G01JuRwYE74AQBHoHh9d6RRBFO4ASka4G0HjCSBY
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B733
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7412251016812295724&gdpr=0&gdpr_consent=

42 B
298 B

27ms
26ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7412251016812295724&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 11:34:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: df4a3401-d58b-4b98-8f29-98c4854d0eb6
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Jun 2023 11:34:40 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7412251016812295724&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 31.204.150.142; 31.204.150.142; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C6ED
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7249698980833654935&gdpr=0&gdpr_consent=

42 B
299 B

36ms
35ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7249698980833654935&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 11:34:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Wed, 28 Jun 2023 11:34:40 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7249698980833654935&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 1A15
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZm9VN0pPRFlBQUNISERCVU5nUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACfoU7JODYAACHHDBUNgQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACfoU7JODYAACHHDBUNgQ&pid=558502&do=add&gdpr=0
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACfoU7JODYAACHHDBUNgQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=443141570586277415&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACfoU7JODYAACHHDBUNgQ&gdpr=0&gdpr_consent=

42 B
279 B

29ms
27ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACfoU7JODYAACHHDBUNgQ&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 11:34:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 28 Jun 2023 11:34:41 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACfoU7JODYAACHHDBUNgQ&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E785
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fw8wVOOJXVVV2ols5QfDtx_Mlo4&gdpr=0&gdpr_consent=

42 B
298 B

31ms
29ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fw8wVOOJXVVV2ols5QfDtx_Mlo4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 11:34:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Jun 2023 11:34:41 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fw8wVOOJXVVV2ols5QfDtx_Mlo4&gdpr=0&gdpr_consent=

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 8728 95 B
439 B 142ms
55ms Image
image/png 2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=76FFE87C-1C69-4C42-B4E0-F42D4B780B41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:40 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7de59f36ccf6b926-AMS
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 8728
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

69ms
68ms

Image
image/gif

77.243.51.121

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.51.121 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:52 GMT
frontend-id: 1
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:52 GMT
frontend-id: 8
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 8728
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=60baf1feb01fffb2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=64d215b8cf83c96abd9f8938c7c1c23d&gdpr=1
https://spl.zeotap.com/?zdid=1332&zcluid=60baf1feb01fffb2
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da36b4e8-8d2a-41ac-7048-286a69806d87&reqId=d9daf7c4-170a-4f5b-5142-42a8031d6b95&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESENhUaaiNxY65i5bqMHfgQNo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da36b4e8-8d2a-41ac-7048-286a69806d87&reqId=d9daf7c4-170a-4f5b-5142-42a...

95 B
154 B

48ms
47ms

Image
image/png

2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESENhUaaiNxY65i5bqMHfgQNo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da36b4e8-8d2a-41ac-7048-286a69806d87&reqId=d9daf7c4-170a-4f5b-5142-42a8031d6b95&zcluid=60baf1feb01fffb2&zdid=1332

Protocol

Server

2606:4700:10::ac43:db6 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:41 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7de59f3bbb63b926-AMS
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESENhUaaiNxY65i5bqMHfgQNo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=da36b4e8-8d2a-41ac-7048-286a69806d87&reqId=d9daf7c4-170a-4f5b-5142-42a8031d6b95&zcluid=60baf1feb01fffb2&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame 8728 0
125 B 159ms
46ms Image
text/plain 3.75.62.37

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&redir=true&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 76FFE87C-1C69-4C42-B4E0-F42D4B780B41
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8728 43 B
603 B 51ms
47ms Image
image/gif 2a05:d018:d29:3605:d35e:e8d:e3dd:83f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/76FFE87C-1C69-4C42-B4E0-F42D4B780B41?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:d35e:e8d:e3dd:83f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:34:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8728
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=7e30dafb-617f-453d-9bca-ed78199741f2&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=842530f4-9e1f-4cee-a5b6-0a4fa10753a0&gdpr=&gdpr_consent=&gdpr_pd=

1 B
165 B

26ms
26ms

Image
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=842530f4-9e1f-4cee-a5b6-0a4fa10753a0&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:34:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=842530f4-9e1f-4cee-a5b6-0a4fa10753a0&gdpr=&gdpr_consent=&gdpr_pd=
date: Wed, 28 Jun 2023 11:34:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 8728 0
104 B 184ms
73ms Image
text/plain 2a02:fa8:8806:12::1370

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=76FFE87C-1C69-4C42-B4E0-F42D4B780B41&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:40 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8728
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7505688636749568525&gdpr=0&gdpr_consent=&us_privacy=

1 B
277 B

35ms
33ms

Image
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7505688636749568525&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:34:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7505688636749568525&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 28 Jun 2023 11:34:39 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;av=1;acvw=sv%3D954%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1698,325,2058,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26a...
ade.googlesyndication.com/ddm/activity/ Frame 49FC 42 B
63 B 101ms
100ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;av=1;acvw=sv%3D954%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1698,325,2058,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4018%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1033%26pst%3D429%26dur%3D15018%26vmtime%3D3981%26dvs%3D0%26dfvs%3D0%26dvpt%3D3990%26is%3D33554450%26i0%3D33554450%26i1%3D33554450%26ic%3D0%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D90%26femvt%3D0%26emc%3D23%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D588092386%26psm%3D-2147483633%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1687952076812%26ptlt%3D1687952081464%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1687952077021;ecn1=0;etm1=0;eid1=210002;

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;met=1;ecn1=1;etm1=0;eid1=960584;
ade.googlesyndication.com/ddm/activity/ Frame 01B6 42 B
63 B 101ms
100ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIq8yxv-_l_wIV_EkdCR2QWgLJEAAYACC2p8NaQhMI8__8vu_l_wIVBZHeCh07wQcM;met=1;ecn1=1;etm1=0;eid1=960584;

Requested by

Host: ua-dapamoga24.site
URL: https://ua-dapamoga24.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua-dapamoga24.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:34:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK v2
ams3-ib.adnxs.com/vast_track/ 0
933 B 37ms
36ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS