vsim.ua Open in urlscan Pro
2606:4700:3035::6815:3aed Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vsim.ua/
Effective URL:
https://vsim.ua/
Submission: On September 26 via api (September 26th 2022, 8:46:21 am UTC) from GB — Scanned from GB

Summary HTTP 229 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 68 IPs in 11 countries across 56 domains to perform 229 HTTP transactions. The main IP is 2606:4700:3035::6815:3aed, located in United States and belongs to CLOUDFLARENET, US. The main domain is vsim.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2022. Valid for: a year.

This is the only time vsim.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 63	2606:4700:303... 2606:4700:3035::6815:3aed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82b::200d	15169 (GOOGLE) (GOOGLE)
3	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:cb0... 2a02:6ea0:cb00::2	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:400d:804::200e	15169 (GOOGLE) (GOOGLE)
1	35.214.184.209 35.214.184.209	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
2	31.41.216.82 31.41.216.82	42655 (BESTHOSTI...) (BESTHOSTING-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2 10	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.172.90.251 185.172.90.251	49981 (WORLDSTREAM) (WORLDSTREAM)
2 8	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4 6	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	37.187.28.21 37.187.28.21	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	35.241.31.249 35.241.31.249	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	184.51.9.34 184.51.9.34	16625 (AKAMAI-AS) (AKAMAI-AS)
2	92.123.9.160 92.123.9.160	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
3 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f607:ba15:f8ca:726:bfa6	14618 (AMAZON-AES) (AMAZON-AES)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b001:bd35:2c7d:1af2:e9a4	16509 (AMAZON-02) (AMAZON-02)
2 2	3.248.73.132 3.248.73.132	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	15169 (GOOGLE) (GOOGLE)
2 2	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	54.216.193.48 54.216.193.48	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	3.75.14.26 3.75.14.26	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	108.128.241.23 108.128.241.23	16509 (AMAZON-02) (AMAZON-02)
1	157.90.211.246 157.90.211.246	24940 (HETZNER-AS) (HETZNER-AS)
1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	13.32.99.36 13.32.99.36	16509 (AMAZON-02) (AMAZON-02)
1 1	3.218.193.24 3.218.193.24	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.211.23.209 52.211.23.209	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.156.45.124 35.156.45.124	16509 (AMAZON-02) (AMAZON-02)
2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 1	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.210.103.234 52.210.103.234	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3605:81f0:8432:14d1:181d	16509 (AMAZON-02) (AMAZON-02)
1 1	103.229.205.242 103.229.205.242	() ()
1	2606:4700::68... 2606:4700::6812:d4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
229	68

63 2606:4700:3035::6815:3aed (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vsim.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7aaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:cb00::2 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::200e (Ireland)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.184.209 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 209.184.214.35.bc.googleusercontent.com

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.41.216.82 (Ukraine)

ASN42655 (BESTHOSTING-AS, UA)
PTR: dedic.dc.besthosting.ua

tracker_beam.20minut.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.172.37 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.251 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.39.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.187.28.21 (France)

ASN16276 (OVH, FR)
PTR: js13.adlooxtracking.com

j.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com

data00.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f607:ba15:f8ca:726:bfa6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:bd35:2c7d:1af2:e9a4 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.73.132 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-73-132.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.132 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.193.48 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-193-48.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.14.26 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-14-26.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.241.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-36.fra60.r.cloudfront.net

engine.widespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.193.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-193-24.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.223.37 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.23.209 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-23-209.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.45.124 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-45-124.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.62 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.103.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-103-234.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:81f0:8432:14d1:181d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.205.242 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	vsim.ua 1 redirects vsim.ua	1 MB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 142	500 KB
23	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307	226 KB
13	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 228 acdn.adnxs.com — Cisco Umbrella Rank: 611 secure.adnxs.com — Cisco Umbrella Rank: 432	43 KB
12	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1707 mwzeom.zeotap.com — Cisco Umbrella Rank: 1669	4 KB
11	google.com accounts.google.com — Cisco Umbrella Rank: 77 ampcid.google.com — Cisco Umbrella Rank: 2077 adservice.google.com — Cisco Umbrella Rank: 75 region1.analytics.google.com — Cisco Umbrella Rank: 5636 www.google.com — Cisco Umbrella Rank: 2	77 KB
10	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 479 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438 dsum.casalemedia.com — Cisco Umbrella Rank: 1306	9 KB
9	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5896 ghb.adtelligent.com — Cisco Umbrella Rank: 5717 sync.adtelligent.com — Cisco Umbrella Rank: 4320	150 KB
6	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433 ads.pubmatic.com — Cisco Umbrella Rank: 462 image6.pubmatic.com — Cisco Umbrella Rank: 648	12 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232 s.amazon-adsystem.com — Cisco Umbrella Rank: 295	3 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 436	1 KB
4	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 564 pixel.rubiconproject.com — Cisco Umbrella Rank: 335 token.rubiconproject.com — Cisco Umbrella Rank: 667	11 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 406 mug.criteo.com — Cisco Umbrella Rank: 2876	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	175 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	12 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	199 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 513 usermatch.krxd.net — Cisco Umbrella Rank: 1103	942 B
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5376 www.google.co.uk — Cisco Umbrella Rank: 3335	1 KB
3	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 22967 id.gravitec.net — Cisco Umbrella Rank: 132346	20 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 797	28 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 301	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 869 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	1 KB
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 838	787 B
2	smartadserver.com 2 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1540	1 KB
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26264	682 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1343	750 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 342	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 615 cdn.indexww.com — Cisco Umbrella Rank: 1381	2 KB
2	adlooxtracking.com j.adlooxtracking.com — Cisco Umbrella Rank: 9592 data00.adlooxtracking.com — Cisco Umbrella Rank: 8876	27 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 748	144 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 5593	1 KB
2	20minut.ua tracker_beam.20minut.ua	135 B
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 42666 api.gravitec.media — Cisco Umbrella Rank: 33808	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	122 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	mathtag.com 1 redirects sync.mathtag.com	662 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 488	433 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 47246	214 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 511	145 B
1	widespace.com engine.widespace.com — Cisco Umbrella Rank: 65527	210 B
1	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 562	178 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 2134	361 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 947	356 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 448	526 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1578	596 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 7099	324 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 10822	411 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 697	162 B
1	adform.net dmp.adform.net — Cisco Umbrella Rank: 5011	331 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9079	259 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 463	617 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	91 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6489	169 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1075	41 KB
0	leokross.com Failed leokross.com Failed
229	56

	Domain	Requested by
63	vsim.ua	1 redirects vsim.ua
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net 21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	mwzeom.zeotap.com	spl.zeotap.com
11	securepubads.g.doubleclick.net	vsim.ua securepubads.g.doubleclick.net www.googletagservices.com
10	ib.adnxs.com	2 redirects player.adtelligent.com googleads.g.doubleclick.net spl.zeotap.com acdn.adnxs.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
6	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net spl.zeotap.com
4	pixel.tapad.com	3 redirects spl.zeotap.com
4	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4	ghb.adtelligent.com	player.adtelligent.com
4	www.facebook.com	connect.facebook.net
4	player.adtelligent.com	vsim.ua player.adtelligent.com
4	connect.facebook.net	vsim.ua connect.facebook.net
3	accounts.google.com	vsim.ua accounts.google.com
3	unpkg.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	x.bidswitch.net	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects spl.zeotap.com
2	beacon.krxd.net	spl.zeotap.com
2	bcp.crwdcntrl.net	2 redirects
2	sync.smartadserver.com	2 redirects
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	image6.pubmatic.com	spl.zeotap.com ads.pubmatic.com
2	match.adsrvr.org	spl.zeotap.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	player.adtelligent.com eus.rubiconproject.com
2	ads.pubmatic.com	player.adtelligent.com
2	acdn.adnxs.com	player.adtelligent.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com vsim.ua
2	static.xx.fbcdn.net	www.facebook.com
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	pbjs.e-planning.net	1 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	tracker_beam.20minut.ua	vsim.ua
2	21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	www.googletagmanager.com	vsim.ua www.googletagmanager.com
2	www.google-analytics.com	vsim.ua www.google-analytics.com
2	cdn.gravitec.net	vsim.ua cdn.gravitec.net
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	sync.mathtag.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	secure.adnxs.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	pixel.rubiconproject.com	spl.zeotap.com
1	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	engine.widespace.com	spl.zeotap.com
1	sync-tm.everesttech.net	spl.zeotap.com
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	sync.adtelligent.com
1	a4p.adpartner.pro	1 redirects
1	spl.zeotap.com	player.adtelligent.com
1	js-sec.indexww.com	player.adtelligent.com
1	id5-sync.com	player.adtelligent.com
1	data00.adlooxtracking.com	j.adlooxtracking.com
1	s0.2mdn.net	21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com
1	j.adlooxtracking.com	googleads.g.doubleclick.net
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	htlb.casalemedia.com	player.adtelligent.com
1	www.google.co.uk
1	region1.analytics.google.com	www.googletagmanager.com
1	api.gravitec.media	cdn.gravitec.media
1	ampcid.google.com	www.google-analytics.com
1	cdn.gravitec.media	cdn.gravitec.net
1	id.gravitec.net	cdn.gravitec.net
1	www.googleoptimize.com	vsim.ua
0	leokross.com Failed	vsim.ua
229	87

This site contains links to these domains. Also see Links.

Domain
vn.20minut.ua
zt.20minut.ua
te.20minut.ua
kazatin.com
invite.viber.com
t.me
www.facebook.com
news.google.com
www.instagram.com
www.youtube.com
www.besthosting.ua
ua.depositphotos.com
www.eeas.europa.eu
www.irf.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-09` - `2023-06-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-05` - `2022-10-03`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
player.adtelligent.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
cdn.gravitec.media R3	`2022-09-22` - `2022-12-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
api.gravitec.media R3	`2022-08-14` - `2022-11-12`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.20minut.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-10-18`	a year	crt.sh
www.google.co.uk GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adlooxtracking.com R3	`2022-09-20` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
widespace.com Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh

This page contains 24 frames:

Primary Page: https://vsim.ua/
Frame ID: F7E5404CEAB8EE1B1D1E62F58C6A7C57
Requests: 103 HTTP requests in this frame

Frame: https://vsim.ua/site_login/iframe
Frame ID: 0FE3634EBBAD855630777FEEEF1523B0
Requests: 4 HTTP requests in this frame

Frame: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664179200
Frame ID: 774F39B99C1997A734CAA83157AAB0BC
Requests: 6 HTTP requests in this frame

Frame: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=750aba48efc7dd43
Frame ID: BEC6D50CB7D36BE2579A4C465FD1DDFF
Requests: 6 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 9F8CEE005882D9852C911557C98C1EE0
Requests: 1 HTTP requests in this frame

Frame: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3EB392F8C589E664D06E75D0E641E554
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35c1908cc845d%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff299f3e97ec09e4%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250
Frame ID: 80E9E65346B20D278AD4ED6E39435440
Requests: 3 HTTP requests in this frame

Frame: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F4C3F5052A6906CFEBCDE3B3EBB35962
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 81DD0463F72CF690EE15E90432CDFF0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNXvKVG2vDcPdr2g-FDJTZ1l1CBmeiI1dh9dTkXs--zvr9o5kKSYDb3HE6NFWjPO7E9-U1g4Ru06-GV1O1jdL0W9YHWSf3-sf6g-N0tFtYZ9apUK3MyZBRGqvWygjnehcT9QumrDHHwIlTqo5dDXzMT2QOctI13iClidbuwdJVDee0-iRWE
Frame ID: 5A0DF7C952E3E830137ABC82210799D1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0D9C3AF398648873FA6C851A994F219B
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssI_YPp1lMEFLnSQ8y9o_dCnXRvGDT50f9W7mfcuXzYYd7QQFMcEg93LVozO4vA2OYyKN5pajxF7w4Vy93hoED7X-rYWCys7fgz4yjVGAI2j1nfQ2igg0WZgdTMyQpU3KHKoqWy7WGHI0WFXEy8U_cbikCgbidrQKk_yOJmiKhKc8OlgeQHjqfUG1Nbx37ys9DrISRI6R50OrXwFGCWkc8LQqyAF09HsUUav65W7I-o3NsPGlunZXApjJtq-s3GXLKeoiMEPqyOmq2DzsyxgSpQigmF8HiQOP4EWDEIKrwFdnROxLQ-HvbD52xg0HLF74rU&sai=AMfl-YSHKt0eAxrWJGvTtChYp52K8yN5Nray7uJtdtzb8Ju-f-c80VlBsnE_qlrlXW71Y128B2qgmf3HjJS98LgkiDBZJ4Ak4F9niN6SgUp3DqvFgMFw6Ks26knSzDSONw&sig=Cg0ArKJSzC21XR5XQB37EAE&uach_m=[UACH]&adurl=
Frame ID: 00790CE8F02A9AF8E0EA228AA7BB26B8
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCuWfwxNAYVQRLlJ58GOHon6TVKcKXAdT3fxTeIUvxAeNI69FXTo7JnMQXUCoJ7PQnUv8aD9l1Q5OLY9oTn7pF0D8dbtpIwO4u1s00RSyHeca1B4QnhdV5HM787zhpHU5xx-4IwAyrnQYNV5z4DCpOmjwJ1gRg3WrMA-_95q3BmXrK2F1xNJa3kFVdOf3E3rZ1F4gfaXgllHVUYUnLQ-29pVmmZ5vW7BaYDjDec7bnz51HrVdfhv4wLp7j2De8jcfABuMOYyHaP3Y5XSus0oeLQz_3IZsRMKhXmAVW2r7umee32jSw_7cpewXTd1uQ5o97&sai=AMfl-YT-Jwff6Uwzko8H1yvhdHROqVg0W2iG7mlNszJyW6Gq4hKVsBiyfpvRPslIay-DzcylvG953SIZNDcgIXiS8kClSzbYl6ePAOyL2ncnU55dmScLmUkN-segF7BoQA&sig=Cg0ArKJSzNKI8zMJM1fTEAE&uach_m=[UACH]&adurl=
Frame ID: DE252EF10B4EB5512090CF4EE0B19D29
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuEfI4ULdtJCfgFcnzf63dIlZdepYKJDZ8HJqY4O45E3kNs4kc8YNp6Jc8wEsCayCKAvbSCz5rqWlPTG3K9jY2gXkL4ZIJ-gNe2ej2ubcjNZxMaNgW6tMmoHKL7HFumOqzjBeNQAzo6KMH4SdpjVulSEiA0R8vKgdbhT1wj-uS1Ty6RZt17o53ndoSZQWY4kdlWf79V1Z8C2J1xNizbo5ycQwi-vmzzpcWifhtV1Ypj-pJDcp4-PiNqLLIk4pbuoda8tWxFnAz5V5JOQtYO5ziNMpXah7JDP9x527VNVcT-t1pkP1Ljrzsmx7dwzYofnKvlQ&sai=AMfl-YR9KcqT_RDZT7MRI1Yxa33TZ6Ow3GxDqCvpOiNjqORPu_sZ33QLr0HtcyV-NRK3Rghb-6XIPDg6jzwWtiTUDg3ZXQ_pPzVw6Yjtdmgr2e06POFrhXedpkvZm0x5-w&sig=Cg0ArKJSzCzAIgEzaHGyEAE&uach_m=[UACH]&adurl=
Frame ID: 2BBD64E7365271F0B9A7CF832740FA77
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B2BC6D47C81E8DEC66FB262C7F05A61
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 950F2FFF793B5CB1DC3EFDE2DF81A9B6
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DF4478D7F8BD34826A4EF38B9389029D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 149B3BB5E3C1E760E4E974CD7D5B4273
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 40251A21294AA42EEE8A256798A0134A
Requests: 3 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 18EDE9D319E210648B32E8E9403F863E
Requests: 30 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Frame ID: 8C2DF5E20DA44177E7E5CF4DE6A760B8
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Frame ID: 91D669224FCEA19DE1A871CF6AF796DD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 96FEFEFD0EEC69824D01EABBF33BEE32
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1F740625BA26E1E03F4B7485BE5DA8EC
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Всім - Новини Хмельницького

Page URL History Show full URLs

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

229
Requests

88 %
HTTPS

38 %
IPv6

56
Domains

87
Subdomains

68
IPs

11
Countries

3246 kB
Transfer

8277 kB
Size

56
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://vn.20minut.ua/
Title: Вінниця

Search URL Search Domain Scan URL

URL: https://zt.20minut.ua/
Title: Житомир

Search URL Search Domain Scan URL

URL: https://te.20minut.ua/
Title: Тернопіль

Search URL Search Domain Scan URL

URL: https://kazatin.com/
Title: Козятин

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQAlCG5A7vvn5UlcXTVOPYYe8%2BNbbSdYNqt%2FAkWqrcA8b94WcKGEqaRwpKqWVh9M

Search URL Search Domain Scan URL

URL: https://t.me/vsimnews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vsim.ua/

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMOzqjwswxLKjAw?hl=uk&gl=UA&ceid=UA%3Auk

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vsim_ka/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/%D0%86%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B2%D0%B8%D0%B4%D0%B0%D0%BD%D0%BD%D1%8F%D0%92%D0%A1%D0%86%D0%9C

Search URL Search Domain Scan URL

URL: http://www.besthosting.ua/

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/

Search URL Search Domain Scan URL

URL: https://www.eeas.europa.eu/delegations/ukraine_en

Search URL Search Domain Scan URL

URL: https://www.irf.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://unpkg.com/imask HTTP 302
https://unpkg.com/imask@6.4.3 HTTP 302
https://unpkg.com/imask@6.4.3/dist/imask.js

Request Chain 107

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.0725313779449277&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=8eb5d26e-808c-4f3c-baa7-3d353d1445bd HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.0725313779449277&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=8eb5d26e-808c-4f3c-baa7-3d353d1445bd

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcXgNd1q0C98J3AG0HaEMY&google_cver=1

Request Chain 125

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzFm1jkj0novzd9voFO7gwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELh8Ng_DzjP8x_l7E-TmB0U&google_cver=1

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPkeAv-h33LOlJfF4Y9KvYk&google_cver=1

Request Chain 127

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ2ODE1MzcxNDkwNzY0OTYwOA%3D%3D

Request Chain 176

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=dJ7VE3xLeTFBUUM1WWduZWJINjJnWC9ETDI1REs0UnRuNWZOMG1Xd1J0RHl0WTREaWlzeUM3QS9rUCs3ZGVKWVFMdlAxdnFlNjlEMTh6dnl5TnlMNmhqOUtQVGtzd0lSampRc1BJRVFWRlp3SG5WWGpyWWYyL2F1Z2ZaVUJLcU93b0FQKzdLZkd0TTBtYUVoWm9VNFRJckZwcnVBVFFyekhWWnNoMW96MGZzMEJlaS95aFV5OGlpaE04ZjdOTStGNnhVUm1Ocml3VHY2VUdmMkVsd0pRSGRjU3JERGxMcml0RFJtMm0xdGwzTy8wWW1FPXw&cppv=2

Request Chain 185

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=da79217a-16c9-4642-92d7-8269046485e7

Request Chain 188

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=d00fd008-0dcc-4ae8-8ed8-1ab26e8f8445&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

Request Chain 194

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=3c201b3d-ac6d-4f16-ab5e-4bc5de0158e3&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 195

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=76987020472294622120796426364947297597&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

Request Chain 197

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7147607165815355538&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

Request Chain 198

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421

Request Chain 199

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361&bounce=1&random=3015805760 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=LvcJ/aAtAcDYzpY4cjh13O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

Request Chain 200

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361&cklb=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=

Request Chain 201

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

Request Chain 202

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-INbxiHhE2opJdsTmRNjrddlGpPddBaAvkQ--~A&zpartnerid=570&env=mWeb

Request Chain 203

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=npaIhORq0nb3celyXn9Qfs5R5qFRS094%2BS41iYitP1U%3D

Request Chain 209

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

Request Chain 210

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361&dcc=t

Request Chain 212

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

Request Chain 214

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361 HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

Request Chain 223

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzFm1jkj0novzd9voFO7gwAAEXwAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzFm1jkj0novzd9voFO7gwAAEXwAAAAB&dcc=t

Request Chain 224

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzFm1jkj0novzd9voFO7gwAAEXwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECV4D84nR7vJgg6Cq7ONBxo&google_cver=1

Request Chain 225

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4468153714907649608

Request Chain 227

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4468153714907649608

Request Chain 229

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=55896331-66da-4100-b1e3-dba423ae30e4

229 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vsim.ua/
Redirect Chain

http://vsim.ua/
https://vsim.ua/

178 KB
38 KB

1379ms
1314ms

Document
text/html

2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce4e0c265d6ac7399ba01bdfe5e98c9ba31041332d85ead7b7e66d75d000872

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, s-maxage=30
cf-cache-status: DYNAMIC
cf-ray: 750aba4068a8d174-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 08:46:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFqLQaTXtGD4pSDXHTKoGHVo7va6otOjf6ugSJXWduWE%2FdlA%2F%2BEGx0FHpF0aa89QbCABZZhzUCNLjsPG%2BIeHIePE3rvdQC3wz9txJccHaeRsMSd4rn%2BwyNd494UAbEYnm5rAxSKv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 750aba3f0a0276e9-LHR
Connection: keep-alive
Content-Type: text/html
Date: Mon, 26 Sep 2022 08:46:09 GMT
Location: https://vsim.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTX%2FCjpolB9taQrbutTdz841jwNXb1Yu1oouNQFmq32V690pj98HtDuNR0mGVMZtiMCTMF3DV9DV45OhY0bIiL0E3eDwiVEkHVqey5qzrGA9MK%2FDaOcyRqMhUm%2FZchAPLwtbVXif"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 3831ad9.css
vsim.ua/css/ 629 KB
98 KB 59ms
58ms Stylesheet
text/css 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c424eb31fac71d827f3497f4b2a92d9e7e4985db6ce7b379e74aa75fff7f50

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 235804
cf-polished: origSize=646179
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 15:06:44 GMT
server: cloudflare
etag: W/"632dcb84-9dc23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6bkiB%2BSzHkdWm5Ic%2FIcrLsEdOof2Eqb52dh82VX6b0SfD%2FfqsS6nbo5izOux%2BzLMshk9%2B3%2Fd7IyIYmD2PWyc%2BBuL7dOSx2p1%2Fku1ZkbWDuKiWZceslqYaHSDncE6O5JBTQrNHRJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 750aba48aec1d174-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Logo_new_vsim_v8.png
vsim.ua/img/ 5 KB
5 KB 38ms
38ms Image
image/png 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/Logo_new_vsim_v8.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7340014
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4716
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-126c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3pVJGdX8vft6g8yBBizSuI289M%2FLN8Bu36102oThaM57IMGM7wJlJUxxxbqWp3QT09y2OuACKB85O5bcG15if18Xfr9XuIWY8DEykMdGJE5CPI3f3rbGiY%2BmgsuNW5ydywIIGtI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba48bed2d174-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 news_today.svg
vsim.ua/html/20min-page/web/img/icon-title/ 1 KB
995 B 41ms
40ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/news_today.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6500
etag: W/"5e4d36b2-467"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKDAs5plAHc5LBuZeAlywzwkCLzjeDzuF4yEvBoYojr7UXNXXQrNrdPAu5xsgIrUeAG5rcJBM84K4g4KIq8DafOr5yzzsODQhZ5LWZfLNfsQfdfggU5FVW0iL7OuleJOgOY5hpFg"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba48bed6d174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg
vsim.ua/img/cache/reference/panel_link/0026/31/ 4 KB
4 KB 38ms
37ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0026/31/8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg?hash=2022-02-25-14-28-31
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Feb 2022 12:28:56 GMT
server: cloudflare
age: 5811
etag: "6218cb88-e27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2pOtzatJ9CZ%2BdbU09BfHH3tQBPBKMC5UPwZMJG1TOzM82BZGBvkIsC1cKK27x6wurGjtQAnG2MB0Q%2FhgzUpqhSkbG8zf9YK2yved7lAGqUrrqwLSvzVBgAzljJrNOSWAeN9NB08"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba48bed9d174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3623

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
581 B 39ms
39ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7340013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbuRdw45KwoqcJXm35PQc5pH%2BnuCZQtlgtUjNhnPgyIe46gG1aW28RDD%2FyMgbug3rTKLJDloXQPhg1gufQX5JdtF63pRCf%2FRp9fjhqtMo5HC8zBRoJUhGdKiRQTdsgEYhcj6pJH7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba48bedcd174-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Often_comment.svg
vsim.ua/html/20min-page/web/img/icon-title/ 929 B
838 B 245ms
245ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/Often_comment.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: W/"5e4d36b2-3a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRJEfDRFvSrrhKrGTpZZt97s1Cy5Km9zVFkpZf9FHDX83hmAk7Svy%2BpOGObN%2Fxfl7vmLG0K1S61l4OZYqZkvpZD6sV8dramOcTy8Sk78VvQJmSphjiO2Rd0h6cMTR3OGG414lW%2Fg"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba48ceddd174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
604 B 68ms
67ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233870
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17pQE2djK445NCAjNBzQbckXLQ3PTMTZHKeyvZYhwy6FLbSymtVhKm2rE%2B83cZKAylV3%2FBWG3yW8HP9wsWH9W8N%2BvYi225dPHVSzEby8EOe0164jn%2BVzV66vYDJ6rKU%2FyLBCJd9s"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba48cee5d174-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Newslater.svg
vsim.ua/bundles/twentyminutuamain/img/icon-title/ 766 B
847 B 241ms
240ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/icon-title/Newslater.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: W/"5e4d36b1-2fe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MidxBbarxgTfVDGIj9kqH5Ph1r%2B8zzeKWLtOaVVkj%2Fx6kkTsZQl2mlIr%2Fh8MbxtqCaGvhvng0ULQH%2FNkaFf2rRK72Ur0m%2F%2FofHybP6NIkr84i7FALhd%2FnwPS88soKSHzvWeapmLK"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba48cee9d174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 04757c045656223f79bdfdb8cb09896f9b1eaf03.png
vsim.ua/img/cache/reference/rubric_partner/0021/76/ 8 KB
8 KB 68ms
67ms Image
image/png 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/rubric_partner/0021/76/04757c045656223f79bdfdb8cb09896f9b1eaf03.png?hash=2021-01-22-11-59-23
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Feb 2022 16:26:41 GMT
server: cloudflare
age: 2596
etag: "620a82c1-200e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YAO9begoWMvDAmku12e8bE2%2BEWjG4f3Rr1CvrHPUDf1%2FpPFNCFZDoe%2FltL1k3JpKq99e3DHiTLztb8JRx56veGuCrScLzPSjxAKgfaCSkEqQKbhA4rS5dm%2BCKggIO8xA5Ar3cWK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba48ceecd174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8206

GET
H3 200 iframe Show response
vsim.ua/site_login/ Frame 0FE3 7 KB
2 KB 283ms
282ms Document
text/html 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/iframe
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aa1d56013515bec6d79a423d9f069bd00d7f09afc3f5a3d59bafe4ca4efd97b

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 750aba48efc7dd43-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 08:46:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmT9hxacQDubRWiglJLDH%2F72rD3zSEyh%2BUCgjHlithMJupomPg%2BWSkBxtsgHuftS2Jp%2BaWVXob8QTlYgcXqAGzvIclwL8Ze16XF7E3rhs8fRQJP1N5PtRC4OEI9o1egqK2sr0HxQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

GET
H3 200 EU_hor.png
vsim.ua/html/20min-page/web/img/ 77 KB
77 KB 53ms
52ms Image
image/png 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/EU_hor.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2256570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78494
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: cloudflare
etag: "6268eb99-1329e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8V9l9SYoKAvkKBoTi5wxSJj3CygTDMcPVzW7i9MY24jxUIPXYjAPImC5Hy6TotSBDu3dubOhocB%2FVq82aWTjrcgkLQzv0Dtx0rsX%2BqcsaI5k80UDSUf9FDnnolpZpV8uA%2BwgoIe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba48efc1dd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
vsim.ua/html/20min-page/web/img/ 13 KB
14 KB 40ms
39ms Image
image/png 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2171145
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13734
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: cloudflare
etag: "6268eb99-35a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bv2QklbtMwP3jg29dLD2ohn4VyVTL6ulviu6%2F9YbY%2FMZyOpZ%2FBQiPLD5CXS%2BoX7XdGe6YduwFBB9TQbm9KxCnGKEauGp%2BitlPUtGL12EMTMIEI%2B2jqFHs6aP2E8cuoA5QDC4H6AL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba48efc2dd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ANRVU_logo.jpg
vsim.ua/html/20min-page/web/img/ 63 KB
64 KB 150ms
149ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/ANRVU_logo.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66fbe356f6e297ef03954cdb269883d5352c2463a0d3367ade4b077088658ab5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2261961
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64782
last-modified: Wed, 13 Jul 2022 08:36:37 GMT
server: cloudflare
etag: "62ce8415-fd0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h3KFv0dZa6FVYRAqpgkqSW5G%2FboaCFwuhy%2FzZ4Bdl1M4N3akQkg9MsQa9KYucq%2FRu0WSN4x7jna%2BxV6zufTWazz9%2BsjOsknGrB%2FJoRRTphMrugC%2F2JP5v6hFDNjHd%2B1HQRx%2FV0p"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba48efc4dd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Push_notifacation.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 168ms
166ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Push_notifacation.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 988
etag: W/"5e4d36b2-75a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgZ2kwiWSHHs1gD5uK7oBaGBjUu%2FexHQRTmrdv4Vp4ZhNeQBBgqLW%2FWY4XrfLYlrJfmvHzWBFN6Hied%2FV2cziw%2BY7voPZIlM%2FwNn5RD1Nja9K9RdehX4Q1rTg0m1X5kO8wNWcAco"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba48ffd9dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Instagram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 168ms
167ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Instagram.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 2823
etag: W/"5e4d36b2-884"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNxYNdU9YhcDrSdmf8LhTYXlGEmdWu6jDinpKgZ4mg0SOMca2mRa%2FQPPXoHzW5wyQbX4MENXN4giriQsJnVB3whVA09RpgJuN9qSzO%2FfGhq9g0Pu3OyAsHsNzZ1mZcpFlJMhBgUK"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba48ffdbdd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Email.svg
vsim.ua/html/20min-page/web/img/sub_image/ 3 KB
2 KB 169ms
168ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Email.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 988
etag: W/"5e4d36b2-aa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hjmi2Ny4ZZGsX2FCuTMtYJRogzze%2BTryH%2BtmSKTSCl5Lg9ETqJJxAxgp8X0CcgD7S%2BJE6CQ2P4z9QiYiCtxPvpu7yOQARg8e4Lx8mtibgWKKW7qN8ie4%2Be5tRDveNOr62YiLKOY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba48ffdddd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Telegram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 170ms
168ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Telegram.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 988
etag: W/"5e4d36b2-7c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuuULbhXDZ03EeBy7oS8nPls2FtsLfsdTfptd3JtHRySCTfVZh%2Fz07xEeNOYjUnLytxU9c1I0%2BH6QaUAgUdDdyvm6O%2Bbe1Y%2FXzaYE6v57QTQu77zVqfN6BEqxMjpJ%2F%2F%2F29%2FNdpKZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba48ffdfdd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Viber.svg
vsim.ua/html/20min-page/web/img/sub_image/ 4 KB
2 KB 172ms
171ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Viber.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 988
etag: W/"5e4d36b2-1132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyaoeLbsagev4t3JRgf3GtzYV48N4BeDBiyzKk9sjUs1sxtz8zNWxwVV91nYclZdsu4t3ip1621glwEgjHrAO4Oo1WymiqiqFmMAjquEnOhGIaoFj0RQCOEl7Z5OUPo%2B70lp1d2H"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba48ffe0dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 GN.svg
vsim.ua/html/20min-page/web/img/sub_image/ 5 KB
3 KB 180ms
179ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/GN.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 988
etag: W/"5e4d36b2-145a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIDdcDYMCVm04RuAFUC1Nn8jA%2FxycgD4oSx875Wu0JWZC3dCt1Zm6MA%2F0C2uEj2%2Fmmpm6VC1uYKYSoUFzl5QKzsKs3BrRY5PpNjd7ztzztxCvfiK5wmxjcZaj41YXyqpil%2FXfOfR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba48ffe1dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
vsim.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 183ms
182ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Sep 2022 17:11:54 GMT
server: cloudflare
etag: W/"632b45da-4d7"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9L8K1UUshuGw0RvUcPwf9OWabO61NQpuuU1tqC%2FBkARvdifSTEV7SxxlGZ6MIy6cD6Y9Pi1tBmZo0o2V%2FDq%2FER63Ot5tVuzOPV3fjcgjKrZevrWdbsgOyUbd8Ra7Ja%2FPf0mY2UoO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba48ffe3dd43-LHR
vary: Accept-Encoding
expires: Wed, 28 Sep 2022 08:46:11 GMT

GET
H3 200 rocket-loader.min.js Show response
vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 181ms
181ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Sep 2022 17:11:54 GMT
server: cloudflare
etag: W/"632b45da-302c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnoj%2Bu9%2FglG%2B7Xdlcoe98%2BE4DJENRngPKc9Mk1yNSfvm2GMVZ%2Fx24%2BbgjQRCQcRwGsj3OGrHNq4M0cYKPnwk7V7htDDt4Q3SiokQMS0re5xVyCeYANlgGB46qAlwY36v6E%2FDmIE5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba48ffe5dd43-LHR
vary: Accept-Encoding
expires: Wed, 28 Sep 2022 08:46:11 GMT

GET
H3 200 viber-f.svg
vsim.ua/bundles/twentyminutuamain/img/ 3 KB
2 KB 282ms
281ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/viber-f.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: W/"5e4d36b1-bff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxWFCwIizP%2BO5R%2FuHgZRiJSbGV%2BMVJRUiUhwXs45pryIVmZKUcKT%2BCnHnZwbqxv%2FVWq3hhbnX9Hzeiglu9qDaCfUedjwpDr%2FpkRA%2FyzE1R08gliUKakoaVApzEMbDNEnoL%2FLsPxF"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba4978a5dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 g_n_icon.svg
vsim.ua/bundles/twentyminutuamain/img/ 1 KB
1 KB 283ms
282ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/g_n_icon.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: W/"5e4d36b1-478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OP5EVYUTd4rfCrypFGmAW0zZUFCFBhlWwxMRRQPOAhUTFuJOOOEXtM8reJJZeXtb1w9iVzATGKqZOvrtxj%2FEkPREV3eRroTqd5BFxEVMxJ7y8%2FX2jVCw55J9vst%2BSS3%2FMh%2Boz6F6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba4978b0dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 telegram-f.png
vsim.ua/bundles/twentyminutuamain/img/ 548 B
1 KB 234ms
233ms Image
image/png 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/telegram-f.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-224"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pV%2FHjWcit6rEylv1lYa8YYaJcEfha3RCzPg6K59du6MBd5lFAXrfo97U%2FIBtlQHblosX2A5GI8KK11sLQNAV94gIdEav%2BkRMiuedYfCr4a%2B2ZxkC%2Fi3NffBLKVxQiJqCe%2FfB3k8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba4978b2dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 548
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 70 KB
71 KB 115ms
114ms Font
font/woff2 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2171144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-118d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IU8yrpvhopriWGpkaea8qgLD%2F62fBNTjcCLrKK7IPKqCqGGBMVjYl83CHHkFM8X73DqNbdZgTu37V0bXKjJbr9kgLFgBPO16%2FYRpKDgzOQlSCEXK2FZv6LCnS8mFAodntS%2FD4sNo"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba4978b6dd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 MaterialIcons-Regular.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 43 KB
44 KB 115ms
115ms Font
font/woff2 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/MaterialIcons-Regular.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2171144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44300
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-ad0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnzHfXSugCo9r4sq%2FdF%2FdpclVtL209XupltF%2BVjTiW5iMSht5Dvb9Z69ojd8zMJlj%2Bs9sfFEaTwAXVCFyjq%2FtJLtQKk6yr3RbvIF7YAFmnYEBbhc%2FaimFwStALttfSNCteM%2BC5AG"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba4978b7dd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET aGeq.js
leokross.com/vAW/ 0
0

GET
H3 200 0728b5d.js Show response
vsim.ua/js/ 879 KB
246 KB 54ms
53ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/0728b5d.js?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca2da4362115518ffdfe27c6fa107bc239a879f36ff3e6bd5db0db5c4917c079

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 235348
cf-polished: origSize=900210
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 15:06:35 GMT
server: cloudflare
etag: W/"632dcb7b-dbc72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaHsLiJtZJci4mO4FbOrQBgPvveRVGIQOk5uqC8NzIrEwHZ3sKf%2BTIbuXGZdXM64j6XfWDq5PPv7SPXTzdeEUuLxZ%2B%2BXwDIxEja1mUkvVAIH%2BcGlp4%2FDm7drcbMjLvDrHcoCqWWL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 750aba4a9b05dd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

imask.js Show response
unpkg.com/imask@6.4.3/dist/
Redirect Chain

https://unpkg.com/imask
https://unpkg.com/imask@6.4.3
https://unpkg.com/imask@6.4.3/dist/imask.js

135 KB
28 KB

52ms
48ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/imask@6.4.3/dist/imask.js

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a4c2ecf677f70d4d9d1b3ef31558bb18a0bee17b8f1f38ce5ca65f8871118ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 572085
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"21ac7-KqSYXxY+9Y5mzCD11c6bKZsRmN0"
fly-request-id: 01GDBE0J64VWF34FCRV4ACXHR7-lhr
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 750aba4bd9287423-LHR

Redirect headers

date: Mon, 26 Sep 2022 08:46:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GDBE0HYSBN7GERD1VVXTJF4B-lhr
server: cloudflare
age: 572089
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /imask@6.4.3/dist/imask.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 750aba4b88a37423-LHR
access-control-allow-origin: *

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 131ms
46ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

91c0f63f6c20ed56ede3c4a566d83f3d9f5820a3beb09fc93a027a2110c015c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Wa1DGHTcMDKA19NFvq/V0g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: B+mgHlnX5TEJmhT7V+EWdgb0Y22RGq9ypQRFab0C0DvbDEgZ3eEYkA3GeGUo3pZ80bIJ8S/Hy0YOmr7VNjc/FQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 5e56f8771ffeb77b3f12209980f584ac
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 26 Sep 2022 08:46:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "01dd0be707319c50ee33a3773f9421c3"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 26 Sep 2022 08:59:58 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 186 KB
74 KB 202ms
99ms Script
application/javascript 2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4ed244f14205a6a842b6079ca5fdd2ee68c836ea76d92ef9bde52ffcfdc305f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qmml_2aAbNClX-mZIx508w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-qmml_2aAbNClX-mZIx508w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 26 Sep 2022 08:46:11 GMT

GET
H3 200 ed8d0db.js Show response
vsim.ua/js/ 95 KB
34 KB 47ms
46ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/ed8d0db.js?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 235348
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 15:06:47 GMT
server: cloudflare
etag: W/"632dcb87-17b3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEucoh41JpBHWZPdTqXZSlcsPjRSMyn7MXZVEg%2BRvRxyN0BSSMS4Rn9CcDRuffg6mOOaT9XhyOGfhEgA1OKuzB8PULbeJE7EaMb3Wzo2%2FDg2%2BqALiAPrGvg4nsgxzEUNfQy7JAnC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 750aba4aab0add43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/ 64 KB
18 KB 150ms
64ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 11:41:55 GMT
server: nginx
etag: W/"6321be03-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 14 Sep 2022 11:46:21 GMT
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 104 KB
41 KB 149ms
53ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NWSHLFG

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d69bfe8ee79f9288bafffdd55e8d5260907e85cdbff714928b4e1d8daa6a2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41510
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Sep 2022 08:46:11 GMT

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 774F 36 KB
13 KB 34ms
34ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664179200
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bae34fc57b2c61b2d1028f651253f801ff34c44d116f6f9217a8dbfd2debed4d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=magouoMiWJadezLwc%2FqzfUTLreoVoXKVwZySyhKJa7%2FkeNjWuJVfSEsl1OrsYx18d8%2Fk6JIs8IIH6gAWcGD4NgX%2FPOET9Q4g%2F8cnsZufSqXzKIaczcovO0%2FQtTLAsgNSljVBzyAR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 750aba4aab0bdd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fc40332.css
vsim.ua/css/ Frame 0FE3 177 KB
31 KB 70ms
70ms Stylesheet
text/css 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/fc40332.css?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3151eb02230f6f505658b2df91cb14159810f9e4a083ce21920b76297a7989

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 235898
cf-polished: origSize=181636
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 15:05:01 GMT
server: cloudflare
etag: W/"632dcb1d-2c584"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7v7sw0In8sPf%2Fxn9yJMjaHKwfN3yp546eitJzHsinDY1W984uwBqR3fvuxAtovT71YvO7Gxr6Lty%2F546nnkHDO2Zavp6doRYo0a4L%2B5R4tHDlNRY2C8%2FNN8i0SqtZ%2BXmBXxaLbNf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 750aba4acb5ddd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rocket-loader.min.js Show response
vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 0FE3 12 KB
4 KB 72ms
72ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/site_login/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Sep 2022 17:11:54 GMT
server: cloudflare
etag: W/"632b45da-302c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsAlZXQdXsTM8RpIrB3xTHoyfmeERWCZKwM5r59vgZX3l91oDnfbGjN2qmC74Ac07TuNnunli4NswUOzdpccGCPC7b7Cq8YTcXwk3FpPW4GUbhi7cf8d9KLr9W6EJsnK2eUE%2FuoB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750aba4acb62dd43-LHR
vary: Accept-Encoding
expires: Wed, 28 Sep 2022 08:46:11 GMT

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame 774F 19 KB
7 KB 48ms
47ms Other
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17970d9d7ed93edbcac84ccd2fdf0286835d807ed80d9bb008d8b97f220a057c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCFAoWnhTkEuI%2F58MXhDRjS5g2diHwC87fJqczApruggQglp1RpaycBU7AMu6zlgyGM7azTw7aPc2Vt2SmvkJ5idyoL44grwobBqLAQ33Qw7Bk417CT%2F942MlylQLsxAoE3%2BXLm1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 750aba4aebafdd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dba7e9c.js Show response
vsim.ua/js/ Frame 0FE3 246 KB
73 KB 43ms
43ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/dba7e9c.js?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbd991c12551f95524a9ca44db10706d942e698b9ef56d6111fe568c5cf193ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 235896
cf-polished: origSize=251457
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 15:05:08 GMT
server: cloudflare
etag: W/"632dcb24-3d641"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr4IK5c2%2B0FvZlg6k3XS6MzgCteHlQ5UrgcRRP9sn1Ki5ZRNvbIOIhWSPW8eeBMe37%2B79RWTSpOzAB%2BdF1t%2BVM%2BAx8Cw2auJp1vDhsDJpqM3mOhvKw626c4Em6p2nr7%2FfdrqpmND"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 750aba4b8cbbdd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/cb/ Frame BEC6 33 KB
12 KB 35ms
35ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=750aba48efc7dd43
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54631d1c399806ed4a4cd10984a97e61bbfd4319a3e47be75c98a774d89287d7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylsEPUaY0%2FHANlifEh8yd2%2Fxnu%2B3loWUGzSGzWPsy3HMEjXXBvUqmDoJzUuo9SFBaLooRmkjJ538pZ25wX8M6ZgWHKZIg2rYhh9Z%2Fw2pErYDT%2BDqrQ6qyEfw5EhWeNk8btwNFy60"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 750aba4b8cbcdd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame BEC6 23 KB
8 KB 43ms
43ms Other
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4165da6128f7befdc7819c3b87e78cf2771d667b02f7b7253d8d0c505d281bd6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONe58Y4qzwhQ0%2FFnkFjx2vBG7DA%2FHqdOg24OFnhh3FmOEvjwa%2FJAMKd5WSciPv6Q412DQVKW8qG6wHMU5YKsvs4RWggEiBhTFhZer6rWPTpaqQrBPunkI1zOrteERgI24A3FDpzj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 750aba4bed60dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/cb/ Frame BEC6 40 KB
15 KB 39ms
39ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=750aba48efc7dd43
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73093a0fb8b39b673102c665f068c53c7e4b1ff31fbf65277774899fe2a28d21

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcrk2n1AIdOSu3n6%2BrCBYALgxx74LF8wYTxi6i62nbQyauG%2F8uDX9KkvMakqvgLSoaDGkeAX5nivYiYHRpdTVVVSW9UfEerr0C1Hsm%2BLI9k%2FtWrawo5VA6uENnmR1OF2cmCwS1i0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 750aba4c0dcedd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/462272/ 365 KB
112 KB 180ms
67ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 4794ee8f55c96958afc723aeb58936bf215622bd8f2c61ea8a3f842737ae2224

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 10:42:47 GMT
server: nginx
etag: W/"632d8da7-5b271"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 28 Sep 2022 08:46:11 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 172ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03ae4ba0f72a9f798f2256a8e2d955c0583977a43d1d9464fe6cd291e7f99ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27832
x-xss-protection: 0
server: sffe
etag: "1345 / 804 of 1000 / last-modified: 1663970834"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 26 Sep 2022 08:46:11 GMT

GET
H2 200 wrapper_hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/462272/ 2 KB
1 KB 237ms
124ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/462272/wrapper_hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b3d15910ea85878148af2fc4043f938a1237e7ea33a5daa6e78e877b0f2f0fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: gzip
last-modified: Sun, 25 Sep 2022 12:12:41 GMT
server: nginx
etag: W/"633045b9-6e3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 28 Sep 2022 08:46:11 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 5 KB
1 KB 110ms
53ms Fetch
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=d9345397765ace7e36f5036f718db82e
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
x-correlation-id: f96f4d3ddc31915378853e1d7ed534b2
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: MISS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 188ms
53ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 1120
date: Mon, 26 Sep 2022 08:27:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 26 Sep 2022 10:27:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
50 KB 152ms
60ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2739ea9936b93466f33d693b8fa5333a5331133c49e89588877673530c6fd194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50253
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Sep 2022 08:46:11 GMT

GET
H3 200 remplib.js Show response
vsim.ua/bundles/twentyminutuapaywall/js/ 93 KB
32 KB 42ms
41ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30015300955352764840758227634ade8cc98299ccadc46cf9f3f6681385a756

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 235347
cf-polished: origSize=197222
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Sep 2021 08:36:22 GMT
server: cloudflare
etag: W/"613b1906-30266"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ape5kSrIY%2FbCiletdZuXm3Qfjwetq7tXbP2N4EWeZG18GB%2B4uuezxmIU%2BX1DtMK8A79guFkH5ImnE6FCqshTZ%2Fnz%2Fwb2chuCSWqE86OK05wlgIlJnFX0dbv6zYXIBruI2o%2F4YajP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 750aba4c3e0cdd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
26 KB 86ms
41ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-xss-protection: 0
pragma: public
x-fb-debug: E01L6gfgHBlWRqgHWVy8ay+UsDewZkpaXeKADQcVsu2Ffa1/Sfjd7XMlZgIsBRz57ofXip2QwjNAoXlkXFF7gw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 26 Sep 2022 08:46:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 750aba4068a8d174 Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 774F 2 B
644 B 51ms
51ms XHR
text/plain 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/750aba4068a8d174
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664179200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XP2ZoJJ897vQ6%2BWYx19hIQgQIyC7gpkosVIQxAE6%2BAcPp%2Fa0cRaqqcRUcTpSD0IGfL0R08RHnrXrwJlC9MPdimzAzKXsLF5Mw%2B1ZcBikZ8ujQxM4hHcLwx0YJtAQj65era%2Bm05m0"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 750aba4da892dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
id.gravitec.net/ Frame 9F8C 621 B
696 B 226ms
51ms Document
text/html 2a02:6ea0:cb00::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 26 Sep 2022 08:46:12 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: Abm0DAbiMcn/Dju/AA
x-77-nzt-ray: Q80KYkCPYQk
x-77-pop: viennaAT
x-accel-expires: @1967009478
x-age: 12532494
x-cache: HIT

GET
H3 200 pubads_impl_2022092101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 09:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131360
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 08:34:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 25 Sep 2023 09:36:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 104 B
115 B 133ms
49ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Mon, 26 Sep 2022 08:46:12 GMT

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 774F 49 KB
17 KB 36ms
36ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664179200
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20c04d1b4e2010e1f7d61514bdf073b1ee8af3fb5a7a7c23878c9214fca60dec

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SylhB8WSsGBJZD2SNQGswUx1LkhbKF0jLcjeY9IU%2F8exBc0vKWAN6aMijzVu64%2FEaFQBwX57sLGd0yc9nkzRBSHIOie8Xu0kzEK3Z2u27UnVt21J5bPW0ilhFVDqLCd8dFFqvBQM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 750aba4e69bedd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
789 B 41ms
40ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2171147
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uS7ytxkLwCgSgg%2FgmBYuYSn8jzoJ2zo4jZdF0Q1XGdv1cEPzHyysBq80ISY7MV3bKwVen%2FmL4SBYSBh42QiE1csi8rpImdF10GQWottyzzzhVObrG2NI%2F1uW95dZh3gxdph3phU0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba4e9a09dd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bg-img--small.jpg
vsim.ua/bundles/twentyminutuamain/img/ 5 KB
6 KB 38ms
38ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/bg-img--small.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 312891
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5504
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qX5jRZTBG7OuWUUP%2FUdBrxynkykR8aZ0KDykGFHd1m8t3Z7PdPjezKsaPD2g3qh8pjqZg%2BoQBWLZ2OUa34G2Bqnbbzmbbug5E7Vep9S%2FGYh7LWU9AKhsNpWbS8xe8X04fdpKcln"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba4eda8fdd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
791 B 51ms
50ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 235349
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=568v6v%2FB8nEANPhEg5NRwKa%2F9C1VhfLA4GAJRadzYsholbwoneUZ1fmZ2EEWo0%2FN72XkWnOLUgwbjtV7pp37cBX1zYOxpUQc7nlgiIgG97VG1ORbBbIaboE8ZFixxYjU%2FjIXg3h4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba4eeaa3dd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 check Show response
vsim.ua/site_login/login/ 20 B
477 B 112ms
112ms XHR
application/json 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/login/check
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9

Request headers

Accept: */*
Referer: https://vsim.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-dev: Desktop
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeYVB8Py8m8F%2FcMwSdLoa2tsAVUgVBQrWR3FzfCBZ9dTY%2BEkGfW35I7cYU6etvBvQwBm0%2FhRfYoPTbwQEkntTMn3ZjzzS8z8mDOwFrx3h%2F7%2Ba63DexOuwaH69tckTcxK%2BRgEw3vj"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
x-cache: BYPASS
cf-ray: 750aba4f8bc6dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-stat: 1

GET
H2 200 hbw_master_306660_6693.js Show response
player.adtelligent.com/prebidlink/x462272/ 182 KB
33 KB 36ms
36ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/x462272/hbw_master_306660_6693.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/wrapper_hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 136afd926d4d4d63e28f6f7ecc2c549c82fb8780b549c7a626933b828b0500b4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: gzip
last-modified: Sun, 25 Sep 2022 12:12:41 GMT
server: nginx
etag: W/"633045b9-2d835"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 28 Sep 2022 08:46:12 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 105ms
28ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 25 Dec 2022 08:46:12 GMT
cache-control: max-age=7776000
x-proxy-cache: HIT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
455 B 232ms
77ms XHR
application/json 2a00:1450:400d:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vsim.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 506134916849111 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/506134916849111?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

623271e8c873fe29ec241ba7a856787aa39b9c91c7f166ebb2aa98e8a13c1446

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85954
x-xss-protection: 0
pragma: public
x-fb-debug: L0Wq/XPLGOpq4vqntvGt+tBMvvb8uPsg9c7mqgMnM2jx8QaELTVjm+shNd2yWNHpijgIliuibVujiCnwiRZjMA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 26 Sep 2022 08:46:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 d4dfd9d1a62e61dee00b7500157521cdc55da92a.webp
vsim.ua/img/cache/news_rtp_large/news/0029/05/ 43 KB
43 KB 334ms
333ms Image
image/webp 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/05/d4dfd9d1a62e61dee00b7500157521cdc55da92a.webp?hash=2022-09-26-09-11-32
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62318dcffb7b5bc76e275762444a4c95bbee865609bf14985f7e97d72081b67c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Sep 2022 07:58:43 GMT
server: cloudflare
etag: "63315bb3-abae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWDATxsf4krO2CQttbMCWPMJPRRNZBKe513DRNDtGiiuNpottS1zNkqLIG1gj0Vd60Qpz2F8efO4VbQxhnVhf0RIKHSvCpzoIwzPoFaMJ4B2A6Etd4fapit9jBNcKVXYVpvfbbUS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d41dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43950

GET
H3 200 d4eddfc2fc17f0768536ce6ab9894740735be6bf.webp
vsim.ua/img/cache/news_rtp_large/news/0029/01/ 23 KB
23 KB 235ms
233ms Image
image/webp 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/01/d4eddfc2fc17f0768536ce6ab9894740735be6bf.webp?hash=2022-09-22-12-56-03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 330da08cf9e849d55c2c932b2cb0f8a6c747201a274de17c6f44d05ffe57854d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 25 Sep 2022 10:13:42 GMT
server: cloudflare
etag: "633029d6-5b32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GU%2Fs5gBd0HtkeM0lIi6ItAdNpyd2iv834uMG%2FcDE2s9QN1pShkwE92Jsf%2Bd9k18BHQ2hTBh%2BXUJCkWUVxAwPfCANEZmAK6Ub3SxaOm6vtLXcllXKs4l%2FZpuNLG6P2Tud7lr6y97"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d46dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23346

GET
H3 200 2791334-fotokonkurs-tse-moe-misto-nadsilayte-svitlini-ta-otrimayte-podarunki.jpeg
vsim.ua/img/cache/competition_photos_rtp_small/competition_photos/0028/92/ 67 KB
67 KB 327ms
325ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/competition_photos_rtp_small/competition_photos/0028/92/2791334-fotokonkurs-tse-moe-misto-nadsilayte-svitlini-ta-otrimayte-podarunki.jpeg?hash=2022-09-13-16-16-17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e39e41d9862cec7b5777e7a1ea5310856b3451f5569155f25c6ebeea372b4353

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: MISS
last-modified: Tue, 13 Sep 2022 13:16:17 GMT
server: cloudflare
etag: "632082a1-10a3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qH46veWunbNAxasJmypgRr%2Fe7493mNzItEJaA1ZHQCyZHLmrGMK2THDqAgLHVGEA4hsWWy35cdz8Pr7ewdCQnZJAm%2FbnQwvFxaKrOaGbO5woMsgOGzY9u7kHac5%2Bo%2BKwmK1kz3nj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d47dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68156

GET
H3 200 5d85ee8cf2a04730be30ee1076fbb4e14a4a6cfe.webp
vsim.ua/img/cache/news_rtp_small/news/0029/04/ 35 KB
35 KB 282ms
280ms Image
image/webp 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/04/5d85ee8cf2a04730be30ee1076fbb4e14a4a6cfe.webp?hash=2022-09-25-14-22-48
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eecc10953cd38efa6730ae5e8376d4ff6f8516f5a63325b3d92f1768d10372d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Sep 2022 07:58:45 GMT
server: cloudflare
etag: "63315bb5-8a24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3gHo4IoKOThJdJ5M4JGmba%2F%2Fn4TceQ%2BgYoR4GvzDKZ7TAcHot0OWqz7kOvsdTb9k6rKPuLMDgGzxevzXSucKvtxf11y6SB0HNA%2BDZGGfedZIIZ6VOnPn7Uz5ywO8lNPNcryJU2N"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d48dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35364

GET
H3 200 fded61fe52238d62608f95a7d2253448ef47403d.webp
vsim.ua/img/cache/news_rtp_small/news/0029/04/ 22 KB
23 KB 291ms
289ms Image
image/webp 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/04/fded61fe52238d62608f95a7d2253448ef47403d.webp?hash=2022-09-25-09-51-51
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2e614bb3ceb485b86114b48c2202f19f445d42cda858ba3b958d6de0d75b462

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: MISS
last-modified: Sun, 25 Sep 2022 13:07:12 GMT
server: cloudflare
etag: "63305280-597a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLaZCdRuVogTOSFsh2NkiUFErlFEherTDJ2qBzqY0BoFOZuMY8h8CwhuRygF4mk5SmUfWAwik0MBDiOESzSmOq3jWxWULbE8E0A7HwrcAmqYi8YjF7EX9N1LRCJtwt7XPou%2B7njT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d4add43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22906

GET
H3 200 3aef62c5ec32f4b09978b1a9d6e6214920b541a3.webp
vsim.ua/img/cache/news_rtp_small/news/0029/04/ 36 KB
37 KB 285ms
283ms Image
image/webp 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/04/3aef62c5ec32f4b09978b1a9d6e6214920b541a3.webp?hash=2022-09-25-16-58-06
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dde86d1452bef784b2e572cf459ce798f82f7d216593b769190ada4cae240eb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: MISS
last-modified: Sun, 25 Sep 2022 16:56:16 GMT
server: cloudflare
etag: "63308830-9128"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9wipKggy6kf2bafTbW0AwgWflEWX0xeZjlnbop3gl1iD%2FajGXbQ85D2tt%2FclCx%2FIld1nWLihSYfqvN6gxaa4kjTMHyPSmh5xIsudYHWR2w%2BqDcfg8eczgg4aLdL4ehxieHyOwZ3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d4cdd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37160

GET
H3 200 4e628f4ede770c3cb26388302735db99dab4ffcb.webp
vsim.ua/img/cache/news_rtp_small/news/0029/04/ 30 KB
30 KB 292ms
291ms Image
image/webp 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/04/4e628f4ede770c3cb26388302735db99dab4ffcb.webp?hash=2022-09-25-14-27-12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1930f794c063f63741a3274a728beea99a3357442303b7ad32956517db069b0a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: MISS
last-modified: Sun, 25 Sep 2022 13:07:13 GMT
server: cloudflare
etag: "63305281-77b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTyLoMj932gUF01R6imUAomn3LXQW3q43O3%2FZUzh4eY1ZQ7K1oSzyr9ILkTN3ZyoIgHdVktkSk8NYTxDqiAeeNhTAqPmjJcLQtrRxEEQWD4Ii7Y8OK7pUXvEBe3aLOOJbrkhlxxH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d4edd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30646

GET
H3 200 4a84a97403142f20122572eebb7018265fcea9ee.webp
vsim.ua/img/cache/news_rtp_small/news/0029/04/ 26 KB
27 KB 274ms
272ms Image
image/webp 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/04/4a84a97403142f20122572eebb7018265fcea9ee.webp?hash=2022-09-25-10-57-47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baf6990d122f4438735a3b53c7a639fd3b4fbac42d4a5077e41beb6f27f4f47c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: MISS
last-modified: Sun, 25 Sep 2022 08:15:52 GMT
server: cloudflare
etag: "63300e38-68b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIAl5TsFZ521kZ5o%2FhB539E69BteJs%2BK3DJ8K6sGmhqW5aBm1MbLwOlcX6QeWgQMbzyk%2Fo%2FepK7pgo4wk56sIXzjUARN4pkSey3SY%2FIi4nc9K2WtEFJ%2Flp%2BrFnC08z0vrDMaWkfy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d4fdd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26808

GET
H3 200 e7d075e98b60abc744cc2ed898c282549ee17b69.webp
vsim.ua/img/cache/news_rtp_small/news/0029/04/ 17 KB
17 KB 275ms
273ms Image
image/webp 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/04/e7d075e98b60abc744cc2ed898c282549ee17b69.webp?hash=2022-09-25-15-39-18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52e3d24e435b9c2d364d5bb5286a92e54b7d0dc7a2fdca925b3ad4914f57cdc7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: MISS
last-modified: Sun, 25 Sep 2022 13:07:13 GMT
server: cloudflare
etag: "63305281-4344"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qliawpNCj%2BG%2Fyf2bkc2iUP3SXr4GkwkeX4qpur0Fttg3cKi%2BYuduzCkQJHdA2W07pYG7LRjRc7tYPmtQmsGhhKAn%2BkTnMW6MTef3hWfCdDelyN7p7MpYe7SxlP9xFkoJ11MMg1l7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d54dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17220

GET
H3 200 6b1c8b847c3925d58a5bec6a7914b19dd87e299c.webp
vsim.ua/img/cache/news_rtp_small/news/0029/03/ 31 KB
32 KB 287ms
285ms Image
image/webp 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/03/6b1c8b847c3925d58a5bec6a7914b19dd87e299c.webp?hash=2022-09-24-17-19-57
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf2e3d328bbdd313442dbefd32d519b6f086117c8d04d01c6fb58f9743e96112

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: MISS
last-modified: Sun, 25 Sep 2022 06:55:28 GMT
server: cloudflare
etag: "632ffb60-7c8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvD29PbaBR5%2B5UVhVqbKjKqw8DloRP9SP%2FiexUJP1iWe7jQd9dM%2FnmMNwROfaRdZlcT1lWb8SNo4qiRZdYdOHKXZr5d2LJdrr1wiKBCn02eXxVEjnkEvAMDe%2FZkv6aln0M4XkJD%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d56dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31882

GET
H3 200 2802013-dyakuemo-za-takogo-sina-hmelnichani-proschalis-z-22-richnim-oleksandrom-borbutskim.jpeg
vsim.ua/img/cache/news_rtp_large/news/0029/03/ 13 KB
14 KB 225ms
224ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/03/2802013-dyakuemo-za-takogo-sina-hmelnichani-proschalis-z-22-richnim-oleksandrom-borbutskim.jpeg?hash=2022-09-23-15-33-09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e8a02b1b1759a6eb16615705ca8f1e754ec98f4e73c3d2d9b5e7d9027522d21

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 23 Sep 2022 12:33:52 GMT
server: cloudflare
etag: "632da7b0-34a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOjzw2ODTa%2FqN%2FCB2Y6SJW1Ra4EAsDnP6EagfNjjszp4plQbagEckc8LVwUp9T0yQLRKktGGf8Kx1YFy43H9X4b802by7wBNBeHy2iv2hRIr%2F08HMy%2B06HNVgYJG5vQLYeA2rU0E"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d57dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13477

GET
H3 200 2802966-ekspertiza-dnk-pidtverdila-u-boyah-na-kiyivschini-zaginuv-voyin-z-shepetivschini.jpeg
vsim.ua/img/cache/news_rtp_large/news/0029/03/ 12 KB
12 KB 232ms
231ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/03/2802966-ekspertiza-dnk-pidtverdila-u-boyah-na-kiyivschini-zaginuv-voyin-z-shepetivschini.jpeg?hash=2022-09-24-17-55-28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66f8e9de8dbbc16a0d4cf3bb4c4508f3c5f22b0d08ed22fafeef5b73ffab905

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 15:23:15 GMT
server: cloudflare
etag: "632f20e3-2fa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMKhvashetveg5EYJF0xNUMebwJylA3QQ9u5qdulZlE5m9R1j4FojaWY%2FQm3UH13y3W20vaDdlqRkFDnh686ZMzORIa8X0%2B9gGEL0QbxsMOBo0TbGbL6FOeUSYEU8nvzs35MycRK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750aba507d58dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12192

POST
H3 200 750aba48efc7dd43 Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame BEC6 2 B
645 B 50ms
50ms XHR
text/plain 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/750aba48efc7dd43
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=750aba48efc7dd43
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiU%2FZHTwyjNc7%2BbGs9qAn1eEMQ0PXYDCfMMPZKV%2FTbf%2FCu866YEQEgW3Eeo3d%2FVXIgCLIOLbMJuEg0QmQk9XOSnO58T36D95d7ODVcH2EtfesqJj2BuecWUBBupP%2FINtSR8dsW%2Bi"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 750aba51cfa9dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
73 KB 138ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d834fae70856749ef4f67d4b497acbdf1dc974b7af71addf5e521f2e40d52e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74508
x-xss-protection: 0
expires: Mon, 26 Sep 2022 08:46:12 GMT

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 183ms
96ms Stylesheet
text/css 2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GNQJ83H15pTpUl-tEk4sYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-GNQJ83H15pTpUl-tEk4sYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 26 Sep 2022 08:46:12 GMT

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 153ms
69ms XHR
application/json 2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=218226485810-uqk03eati6qp5glmb6e91f2u24152enh.apps.googleusercontent.com&as=T854ly8TcaqJ7VeK%2FVG76g

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67c1de63d6aedcabf0a5570ba0a5c8f7131baead984f107698be6eff55dd76eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DIhPkOJDuv2HfLtkdP30jA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-DIhPkOJDuv2HfLtkdP30jA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 319 KB
87 KB 91ms
47ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=36b1d197cc7cab129fefd9ec690c310f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d421eeebe9dfe3405a9f328405eac572d589ee2e1d91af83fcd33dca7a82d1ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /j1y7IbCNTNPEDmq37XTQA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88956
x-fb-rlafr: 0
x-fb-debug: u0kFNX4qW5D5DDWUGSYxE9G0J2Y4c1Jj9RaVZCeXUllRh1KqDj4qctoJRDLHLgYBITJ/OABlLNnH8uKmysxuZw==
x-fb-content-md5: 6ee81aa09ff4749498c1f2b287868b7e
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 26 Sep 2022 08:46:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f217060bf35bfd894d3cb8ff5e5390b6"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Sep 2023 08:17:05 GMT

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame BEC6 21 KB
8 KB 38ms
38ms Other
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6c6239a9e9e560564a5667bc79b289cb226858cb5cb3ed2ba05da812ba9df7f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjCnVEAcM6BZkqPpEAnMmwTNgGwqpWtrFq%2FBJyNud8fWEl5OrG%2BSv0xlVxkUFcK1%2B18XcdVrbQreevD3a02fz20Vq2vu9xeoYsuhxEXtpVvNcm8FtQKrPaoffuQOj45fhc2aISx0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 750aba51ffe7dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 185ms
76ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=351440755&t=pageview&_s=1&dl=https%3A%2F%2Fvsim.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCAC~&jid=39970207&gjid=1819354357&cid=2060000085.1664181973&tid=UA-43975937-2&_gid=1471119187.1664181973&_r=1&_slc=1&cd1=NotAuthorizedUser&z=1309510113

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 136ms
37ms Fetch 35.214.184.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=d9345397765ace7e36f5036f718db82e&user_id=1a10ab74-671b-482b-a7ab-94352bd7e59f&utmb=1299eb37-0d19-4dd9-bde6-870afcc8767c&path=https%3A%2F%2Fvsim.ua%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.214.184.209 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

209.184.214.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:12 GMT
x-correlation-id: 34650468e4f4ba236dbf1f2b7e90c41c
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
expires: 0

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/306633/ 2 KB
1 KB 105ms
36ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/306633/config.json?cb=https%3A%2F%2Fvsim.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 9cec0057bc3bb49f520b6efc89128e39122f9b01b4d74056ab9c95c69860d3d4

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: gzip
last-modified: Sun, 25 Sep 2022 12:01:29 GMT
server: nginx
etag: W/"63304319-8f1"
content-type: application/json
access-control-allow-origin: https://vsim.ua
expires: Wed, 28 Sep 2022 08:46:12 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame 774F 23 KB
8 KB 35ms
34ms Other
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4165da6128f7befdc7819c3b87e78cf2771d667b02f7b7253d8d0c505d281bd6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pboRFB8c25GDAX1pbDe%2Bl18IR1QmcNY1Ds62QDHhRhfSszlDcNP%2FZ54DKXacvD9XAylDWoyrBjFw9BJtki9mONXosdxu4h7v59jW8CeJMz7KEeE7sNYJvWbkZt4GwfTDL%2BldmzRN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 750aba5288d8dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 163ms
53ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=506134916849111&ev=PageView&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1664181972886&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664181972885.1369131307&it=1664181972541&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 26 Sep 2022 08:46:13 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 151 B
414 B 206ms
60ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462272/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: c6edfb7c948f22551441519f9f274eebea903edeca3b4ac53356eefb34df2fcf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 08:46:12 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 151

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
424 B 196ms
53ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=306660&site_id=6693&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fvsim.ua%2F&adid=iiz8fj.6o&features=81952&vpbv=N087&lifecycle_tte=3172
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462272/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 08:46:12 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 154ms
54ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 153ms
53ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 458ms
458ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=495332278511898&correlator=1993471551314339&eid=31068498%2C31069762%2C31069828%2C31069595&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=45035109%2Cvsim_main_(300x250)&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x400&ifi=1&adks=978356717&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1664181972908&lmt=1664181972&dlt=1664181971287&idt=1537&adxs=1092&adys=228&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=2060000085.1664181973&ga_sid=1664181973&ga_hid=351440755&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c33a141076bdadde8c0dedc63455c0824ed9b8de2356f33edc7f15d97783a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8172
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 147ms
55ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1baf631b124fd6ae548269f7b575c7727612c4cfb05749d7d6084030c7797c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11150
x-xss-protection: 0

GET
H2 200 container.html Show response
21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3EB3 6 KB
4 KB 398ms
87ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 08:46:13 GMT
expires: Tue, 26 Sep 2023 08:46:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
792 B 36ms
36ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2171147
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBI%2FQ1pQ%2B8xrgYHiRhnXXpd6c%2BMYXHol5XFhCiIwkbLWdeBbLi3viJ7Zt76I6KudebVY57P3esitDoQjPB1MnFxLElOAvNKidXgN7BYAMtKQbfuYv7rErTpeC%2B36DMwRVSPWA0jR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750aba52d975dd43-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 202 pageview Show response
tracker_beam.20minut.ua/track/ 0
135 B 85ms
84ms XHR
text/plain 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Requested by: Host: vsim.ua
URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?eed6a3e0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 26 Sep 2022 08:46:13 GMT
access-control-allow-credentials: false
server: nginx/1.16.1
content-length: 0
access-control-max-age: 3600

OPTIONS
H2 200 pageview
tracker_beam.20minut.ua/track/ Frame 0
0 370ms
83ms Preflight 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://vsim.ua
access-control-max-age: 3600
content-length: 0
date: Mon, 26 Sep 2022 08:46:13 GMT
server: nginx/1.16.1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
341 B 233ms
41ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0CS1NTGGLB&gtm=2oe9l0&_p=351440755&_gaz=1&cid=2060000085.1664181973&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1664181973&sct=1&seg=0&dl=https%3A%2F%2Fvsim.ua%2F&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 223ms
35ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0CS1NTGGLB&cid=2060000085.1664181973&gtm=2oe9l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 279ms
89ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0CS1NTGGLB&cid=2060000085.1664181973&gtm=2oe9l0&aip=1&z=782347195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
433 B 221ms
34ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-43975937-2&cid=2060000085.1664181973&jid=39970207&gjid=1819354357&_gid=1471119187.1664181973&_u=YEBAAEAAAAQCAC~&z=946078892

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 26 Sep 2022 08:46:13 GMT
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 51ms
51ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=178301089580185&ev=fb_page_view&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1664181973044&sw=1600&sh=1200&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 26 Sep 2022 08:46:13 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 login_button.php Show response
www.facebook.com/v12.0/plugins/ Frame 80E9 31 KB
12 KB 241ms
187ms Document
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35c1908cc845d%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff299f3e97ec09e4%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=36b1d197cc7cab129fefd9ec690c310f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97e683c34fc6c1fe855b126d7fd9e0c5ab63b94f3065b6f231f282ef76e5260d

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Mon, 26 Sep 2022 08:46:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: XcT2NsLpYW1FTvmTni2uGmaQUUJBa2oozb+8juNsQ32dmYAjvzmdUuZlYVLSUVdZ1AYBqgRNUcY0ly6hFhXHTg==
x-fb-rlafr: 0
x-xss-protection: 0

POST
H3 200 750aba48efc7dd43 Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame BEC6 2 B
637 B 48ms
47ms XHR
text/plain 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/750aba48efc7dd43
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=750aba48efc7dd43
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Sep 2022 08:46:13 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCZiJcAw5mZkCGvBdxxUxZTjsiC%2FufKVo9qgWNQx9zXbuMPtmlVIDHFTjJrwUrdYVHRyJxzFv60Gtrs7CC5M2wMnVOa485wIqoYzTitvUle45pzxExueHm4zF1492BTtpIEs9Hxe"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 750aba557dbadd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 2707ms
2617ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 08:46:16 GMT

POST
H3 200 750aba4068a8d174 Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 774F 2 B
642 B 49ms
48ms XHR
text/plain 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/750aba4068a8d174
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664179200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Sep 2022 08:46:13 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3A%2FmBoMDQE2DEzzbIKlaK0JEjy72KTpCgHm9A%2BR0R4cUqHM9RoQapOmnb00Ln551FGtFQU1gWXRwROsTd55yNG94GNO6zAnPbpj4r1HTV1OIUjTTpD%2B21k8V1U9KrXMeeLVZVN%2FU"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 750aba57089cdd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 376 B
1 KB 359ms
277ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

cc91883fbd78126c9311d9164dc231af4572ed76d0180c0c88df87b35e91fef7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:13 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1b3cfe5e-f6af-475b-bc4e-22437c3671d9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 376
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.0725313779449277&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F...
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.0725313779449277&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=h...

551 B
961 B

36ms
36ms

XHR
application/json

185.172.90.251
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.0725313779449277&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=8eb5d26e-808c-4f3c-baa7-3d353d1445bd
Protocol: H2
Server: 185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-plannning.net
Software: openresty /
Resource Hash: 2dba54900b10d798dbd18a0d067b8256a3d3fa3597515cfb295cea1bda8c480f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:13 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://vsim.ua
expires: Mon, 26 Sep 2022 08:46:13 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 551
x-sid: AMS-936

Redirect headers

date: Mon, 26 Sep 2022 08:46:13 GMT
server: openresty
location: /hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.0725313779449277&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=8eb5d26e-808c-4f3c-baa7-3d353d1445bd
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://vsim.ua
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-936

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 379 B
1 KB 333ms
252ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

558fdd17bba736d3c861e548e2870278e9f68dea1141be1377c93e0f8ce378cc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:13 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d3b99f6b-241b-449f-a54b-48c92740347f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 379
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
559 B 171ms
78ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=863026&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221387a06193cd2c8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fvsim.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.1-c%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22148c7d6ec175a8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news8(1200x250)%23div-gpt-ad-1632837984961-0%22%7D%7D%2C%7B%22id%22%3A%22156db402ccd210a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news9(1200x250)%23div-gpt-ad-1632838225160-0%22%7D%7D%2C%7B%22id%22%3A%2216d6297c6fc0c13%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news10(1200x250)%23div-gpt-ad-1632838267602-0%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228eb5d26e-808c-4f3c-baa7-3d353d1445bd%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e32d818e03be4c30e359da86b8aa7928b8bf771baaf1c8a9054fdf0c9c6c8ca

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDbI4WYgJb5ZF4eBKXb0Sq4USXA2QrlW9lpz5p0mmAZQ3khrdJvpjoG%2F5pisk65Hm6pHpJfq5MtmOpttu5yml3CvBdZ%2BuNugfxBlr3kZ2oCDlZjhj91ypGqTT0HG8uCTt2eB%2F94Q"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vsim.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 750aba57cfa17433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 823 B
580 B 54ms
54ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 06097577a71685bf2930b06cbb769871ccb6438278e3c0eff8e4c0e22fb1062d

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 26 Sep 2022 08:46:12 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 278

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 147ms
52ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 26 Sep 2022 08:46:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 137ms
42ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 26 Sep 2022 08:46:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
169 B 117ms
39ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 26 Sep 2022 08:46:13 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H3 200 container.html Show response
21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F4C3 6 KB
3 KB 163ms
54ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 08:46:13 GMT
expires: Tue, 26 Sep 2023 08:46:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ruxaZoupmFj.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 80E9 323 B
749 B 122ms
40ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/ruxaZoupmFj.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35c1908cc845d%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff299f3e97ec09e4%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:13 GMT
x-content-type-options: nosniff
content-md5: mEtfkiuN8zERyZQcBN9jeg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 323
x-fb-rlafr: 0
x-fb-debug: 3OB9gzTxxal0I7cmYye4XSvdUGcfkc5ufZ4Ix9IDmF7hjjvlRyStsnwUyeoFALMY7RcwnMTMUDc4BIIA/zd5xg==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 13 Sep 2023 00:15:29 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 81DD 0
15 B 51ms
51ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://vsim.ua
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://vsim.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 08:46:13 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 QO3gsQVBcmE.js Show response
static.xx.fbcdn.net/rsrc.php/v3ixCr4/yu/l/uk_UA/ Frame 80E9 570 KB
143 KB 117ms
42ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ixCr4/yu/l/uk_UA/QO3gsQVBcmE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38bc6dd0b99d8f3192c498597062251b8ba7d580d600bb05833112438664a26c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5j82TgN0nPnYlcJ27I1xUA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 146272
x-fb-rlafr: 0
x-fb-debug: lYXngcQsFAXHJab4yNsiQMYkm3f4Qav2mCNkMlyZC6CoOQSa/PG4F4XPu1mBLh9WJ5i6FPQX9UDf0TpHp7/2fA==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 23 Sep 2023 18:00:35 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5A0D 624 B
974 B 142ms
52ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNXvKVG2vDcPdr2g-FDJTZ1l1CBmeiI1dh9dTkXs--zvr9o5kKSYDb3HE6NFWjPO7E9-U1g4Ru06-GV1O1jdL0W9YHWSf3-sf6g-N0tFtYZ9apUK3MyZBRGqvWygjnehcT9QumrDHHwIlTqo5dDXzMT2QOctI13iClidbuwdJVDee0-iRWE

Requested by

Host: 21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com
URL: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 08:46:13 GMT
expires: Mon, 26 Sep 2022 08:46:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F4C3 74 KB
34 KB 163ms
74ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRswPKMnDWqesvFAknuuiBxsf8wu7thyoCN07YU_GLSpItGD5giLjmCy6pjgbswg4fI3CNcdwMQ1UjYdVh9iwhIRS9sQ&cry=1&dbm_d=AKAmf-AiEkf2i4gwwbm7241_iVaavekYa5oQYg32XyluF2RDP84rKtu0Sbp3f_R7b4Vga_C41pgIHOoWfLyG29T2eWoMyGDkB4gbtSxsbjXAMuuqGOeCKYtUlT0Xf5i52umu_H3GM67N--nAnZ4sI4ikOh1jbCEyW8XTJTqbpPUosAY5jkFqmnCfSxtCClpYsZ05uNg7Yu4firlYU3f1vrNkAOBYGWOkytnWg32esjpLTqMJN0jWhLvhcaNy7vdthz99V-Uq5dexuR-QhGVpWEVC4lVuDFxU1RGq2HceY3M0sRAo2Ls3FNDrOQCmV1yU47NAON56Q7VvC2ICmJNh2MwpDzEa4hXy8A7Jx1x_SCsAWu0XGs8qe-LqSqH6r2Me21anAZrfa4OQUd-aLamsguGEo6gkOQHSxXmcoq1Id2wxq0D6j4Jbh_4M3HByakvr0LAyxqOUwv4KrvijM_6HXfmXUUjaH8ZSXR1fn8C1LkETj0S4Iv64xrW9jj9j0b1b4KWdGgX4qGsRB3D_4cvzS_nOJKsp7YZ8YUjPV1ujyCxKLoRaKJSjTPHiR-1e7C-shAxJm75fhXH0sRaplB7oIIAPtx2qM6JtzySoIkokB_JBh3gFu6WDZtaqrFU903IQuvD7Agy1Swrrbr8DKx0NMqG1r3hXfP3fJlAh6b3uuHcrSlG5mzytvVsPY-aZyCT01p7xhz2COFsT8hANYCg0m4NVpN6N9667DJKNRo5auSVQ77E19RvcoqMrLTDHDHaedMhEivJPusk5MfEjXfo0i5X6I02aFxZR8wko2TtTorIhDAYxznMYELzY9vGnRp4bLKMWRxoNJdGyirJAv9BgAlZALvfVECDYJmTxs2qCYnAvZouOpojvogO7fnDzWtWFwBB8i9hcGmKH7F1sTHkNy6RDKwk_kfEgEzremtlJfMFCI__8-ux8z4Zxvz3xEbPM9L3uZwlAoSQvaSffVp8d2QTgcb0ndDf2qQoZVYNCKMU5EjgGwqx04M9XvgykKKQOCS0ibZejqFN29yeYHWy5it8yQLmQnF0YMztWqtgGXdEBgkLEB2XiI0tUxGRcol_ZnkQSWOSndmFr002uc1Pc154x6c_s6wEeoS8XUN2cRSu8q1cTKYaUiJcXKQA4cDoE29CTAOeKITZFjcZ99RKi694DFJeU5i62JO0vMU829x-foy4QhYTvye3bR_zwNd5CwRFCXk88cj47lHAVxm8-oOQJUbw2V3R7faw5yM45cOtL4FEYw6CMehKTj-Ii_FIHzWwrofoUdulabBqOceRCp_FP_sAmjgHIG4zGKSG0F_mw0IAW7lMyyFeX7sRYNF82b4_f3XZbiTd_P4YF5xWcQjjin4ooKKsR53gU0d71qP2Ql24eIaB3Z5-I5Nut2ahiztjXJDM2hB4eF_JdgrcRupzW-riuTx852ojdGoaRnGgRPJaT31FOk07QlBO4ddLB8qS-dLBlQl9EGzhAn2p18aTDyV15Pkjap7a_NdJHh_P4FCpTaW8USCZCg1hTdKTddoxIOQJd9lP1rldUN8aVUdrWcOq6dsODcsfs5IHrANLYqvetsR8-M_qUISQ0hVT2ajau8XykXV-dueEdlD1Ku-8ba1wmY202LB5FMNEyctyIMGfhSq_tQraeOwgWUA1cHP1gAcy7DTLqxpQfyy1bN_Io6JNNSr3Rpg0CeEPS0nlfnf7CHrD-_ReUNVwiJnDLQBEUi0OGwSkigjmBtYkvYGKoRdDqjh2OimwS55aw0hu5VCr15e4V_7B1VI1QeBIATjbM4OouCoqkvdf07lbD4Q4rzYacfW5XpA5gcVwSNfsZimyfHeV45b8eSs8iKtic6oMZf8J5zN63uVWC09zmEj-OimFpKXocy4HKdB0Sm4s2xmCXH1CLmaZ_F-v47Q3cz-S_wEG69Wy3urj9GFGTjuQLNOtXLZdRjrXAWOLMN54AjVg7jvCrq_F6MA_iId7tF3eHI5n1mDe3tsw6p4E4ZDV8NVeKmzooUVA9PlSxmwtFBnh8kgc8m5yhJn-IRIpkGeiNmwzcYlhDfc59t850p2CqQd0bVartNNOFbBGyQTtkCpDg6p1j2QJu-qQvXEhma8XdfVHxUMvhiXoJBhLGX5iZEm81AS0nFkIRcEuYJ-HmqTaacPLMK5G4wuc27xO3JhdxiXFvuPPbNiHToaz35HDo5gXTRCnaMgdFPAqNOUPMNzcVGCZA80a43cjiwafS6a0EULrjvVE-N5tUk98xZ3vN2-UpMWT2zHsYtlYw1Tx8rqnMiFX2V-tpZpZby-h5kZtrgT5Au9rSZzPxklNiZgZKvctKXnEhNRpsdwGro3IgsjiZWAxS8iFUQ9TSdqXIyF5DUqvQQ3X9bbYHwT_iMX51q5N_leImwfXEZeIQqv0Bqd66nhmeDmxp7zirygwBs5b5Ba71YHQRS-qnvRxmVcwB9gabthkAaiTqCjxm-Vk4oPZHYqVdCnK2_KH1LINNBJaBAiKm5Oa0cl36KvOA1dKqdeFUd-C_JGVGC2s-qMPD7itF9SJtCzq0NDrHy7RGMg5nx6FZbuq2W-mzieG4csXG4V4G2SDfitavJlmvfOlGDWI_exouo3URAgAlBAPmaFhI4iqb63q2owsZ1HvLItpBuktL3LdenmYskCT1QYw34yvFZWfKlU5PgONYN99OebUWEu-E_IzjrY07ZfeJw3x-GZFnL_AHxRyQ3SgGuKDZphhzWgvkTeRP3jFNo7NCHUWQF6ZH8VmHLe7Pt1fSY3-LRCNdem_P2W8JTeReerlwPzprSchwroPIcAhb-OxD5cF2bI44rmiXfqdE5GabeKdJ31wh-JGaEJFcJgRoWTL7exqvFDtdU6m6biNFupeSCWtDeQ2TYaoOJ2a6wTd-Va09KFHF291mhxcMGT86DyU0nk3AFQMLEWWpDuslTsWXmGQy4Cw6xV4u0egabPLls5bh1DKkqCWU1KPKA_lgVgoli5TumIKU-vKiY6ybQd6ROiXcz90kchtgZ7IScKV21A5HpqtvIvRceVZJKODoD8yTd67G5YXk0Sb85zlQABJ98k0DYNYeMQIK2H-cg8ZFW9nyuVVLwenestPPG4pbGsQ6ilLczKT8lsRw3UqXT_BUpjRT2JyMbRHKRQEGrlcJI9NafJXKxqhpKXX8F_qTXAgdcInfzr4ROefkLDp2WPIzdNWKCqPfeQwsOBKe_hXuc6i5LzVfXaDj9VxyAFf3oP_Vwyn5v6ydoIf-E79nZdhLUnxddhj5Qs5SYv_zwxogEhVoeLseh0zKKo92o9p_IjP0v9_eFMlEjVZnK1jZ9vctqPYTVZb0_wGx7kqDvrh8YePyyE1R3aXn-3HBPr1BOrvqggaIWhIG2cApQ9VH9ko6h87xdEIBIvSEdx0oyBybxduP3p8Pb6GRNms8ba-UoSqc1T0_GN6rhQjWXUCEZNEW6jDF8-VvhiA1X-loRXIjlI1FNdlAzvQIQy2IIk-c918rSuQSrlUjQcnMaeeMrzCR-GpC0IlAZoViavpMViDmrioAwNZRFzg9PpBwXutrIlP11lTK1gvzefniW0YgJQViHcruuBZlCc6uGCHzBKgPV0AMV7LeY4DciN67QKeQDLuyujT7G6nx2YkeIH9tkLjVYQRmMQyZWpYO&cid=CAASJ-RoIRzTlkRha0y-66KR4Peux7RE8hejUpP7lvq9jdqfyrPK2SoHbw&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1889b9a5de9b6074f3c8cc1d03535d58184684827690e9068cc0a3d2912c988d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34770
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4C3 42 B
63 B 154ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dm_uW5eYRg3Ws24NPhNJ9odEumM1ktNbH1QbofzEnJmogHL65BVN11WwgDed3F6acQH8J4m4YPxCuMAB0PyB4iFyxRCyo98vZTOKvtN4vcQMW3O2c

Requested by

Host: 21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com
URL: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame F4C3 3 KB
1 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: 21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com
URL: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 08:34:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame F4C3 17 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com
URL: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 08:36:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4C3 140 KB
44 KB 138ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com
URL: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 08:46:13 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5A0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcXgNd1q0C98J3AG0HaEMY&google_cver=1

43 B
848 B

116ms
92ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcXgNd1q0C98J3AG0HaEMY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNXvKVG2vDcPdr2g-FDJTZ1l1CBmeiI1dh9dTkXs--zvr9o5kKSYDb3HE6NFWjPO7E9-U1g4Ru06-GV1O1jdL0W9YHWSf3-sf6g-N0tFtYZ9apUK3MyZBRGqvWygjnehcT9QumrDHHwIlTqo5dDXzMT2QOctI13iClidbuwdJVDee0-iRWE
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 750aba5aecc14052-LHR
pragma: no-cache
date: Mon, 26 Sep 2022 08:46:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTA0KeCdL2ndX8%2FNruH7l%2FzoyUFCNjLGIUk7DJQyDIiB0oI8WCvoryt7f8bK01hfzvs8zmSZ87MID%2F%2FZfbPZufl9Y9OrrZlUQOkzn3AhlET7Q4w6kfrk%2FcEH8%2FBGkaPnIK5RZsxnk38oUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcXgNd1q0C98J3AG0HaEMY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5A0D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzFm1jkj0novzd9voFO7gwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELh8Ng_DzjP8x_l7E-TmB0U&google_cver=1

43 B
845 B

74ms
73ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELh8Ng_DzjP8x_l7E-TmB0U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNXvKVG2vDcPdr2g-FDJTZ1l1CBmeiI1dh9dTkXs--zvr9o5kKSYDb3HE6NFWjPO7E9-U1g4Ru06-GV1O1jdL0W9YHWSf3-sf6g-N0tFtYZ9apUK3MyZBRGqvWygjnehcT9QumrDHHwIlTqo5dDXzMT2QOctI13iClidbuwdJVDee0-iRWE
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 750aba5cbf344052-LHR
pragma: no-cache
date: Mon, 26 Sep 2022 08:46:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvKWaVWuaIHAqEarpWtBCHd6HbAowNSV6I%2FH4cWKpYSn1N9qD2G68gwSIx2EYHFXsLF9Xbg8MqPF%2FouTAK6sHZibY6x5r6jLuy9wwyDrsoVtoEW2tZvig8k%2F%2FBA%2FtfRKyqAVUGRq92ahgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELh8Ng_DzjP8x_l7E-TmB0U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5A0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPkeAv-h33LOlJfF4Y9KvYk&google_cver=1

43 B
1020 B

40ms
40ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPkeAv-h33LOlJfF4Y9KvYk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNXvKVG2vDcPdr2g-FDJTZ1l1CBmeiI1dh9dTkXs--zvr9o5kKSYDb3HE6NFWjPO7E9-U1g4Ru06-GV1O1jdL0W9YHWSf3-sf6g-N0tFtYZ9apUK3MyZBRGqvWygjnehcT9QumrDHHwIlTqo5dDXzMT2QOctI13iClidbuwdJVDee0-iRWE

Protocol

HTTP/1.1

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:14 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d69abbd4-f4c3-481a-b674-d4f61f3a4e34
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPkeAv-h33LOlJfF4Y9KvYk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5A0D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ2ODE1MzcxNDkwNzY0OTYwOA%3D%3D

170 B
243 B

139ms
77ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ2ODE1MzcxNDkwNzY0OTYwOA%3D%3D

Requested by

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:14 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6769be67-bebc-4643-8ae8-97cc58bec797
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ2ODE1MzcxNDkwNzY0OTYwOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 156ms
51ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 160ms
57ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 131 KB
24 KB 933ms
932ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=495332278511898&correlator=3267857216562320&eid=31068498%2C31069762%2C31069828%2C31069595&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=45035109%2C20minut_news8(1200x250)%2C20minut_news9(1200x250)%2C20minut_news10(1200x250)&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1200x250%7C1200x400%2C1200x250%7C1200x400%2C1200x250%7C1200x400&ifi=2&adks=2483578089%2C4059114074%2C1842437250&sfv=1-0-38&fsapi=false&prev_scp=city_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D0dfeb89f60dac50a-22e03c882fce0006%3AT%3D1664181972%3AS%3DALNI_Mb745OpxfhBzMyGdCQhUyBi36Bq5g&abxe=1&dt=1664181973986&lmt=1664181973&dlt=1664181971287&idt=1537&adxs=204%2C204%2C204&adys=2021%2C6187%2C7837&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&psz=1192x250%7C1192x250%7C1192x250&msz=1200x250%7C1200x250%7C1200x250&fws=4%2C4%2C4&ohw=1192%2C1192%2C1192&ga_vid=2060000085.1664181973&ga_sid=1664181973&ga_hid=351440755&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

838f126475297f4de7e0110a2a6b65eef87024271d0110fec1efd0f8ad69dac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24555
x-xss-protection: 0
google-lineitem-id: 6109084549,6109867904,6098852846
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138404064980,138404062025,138402380270
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame F4C3 30 KB
11 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRswPKMnDWqesvFAknuuiBxsf8wu7thyoCN07YU_GLSpItGD5giLjmCy6pjgbswg4fI3CNcdwMQ1UjYdVh9iwhIRS9sQ&cry=1&dbm_d=AKAmf-AiEkf2i4gwwbm7241_iVaavekYa5oQYg32XyluF2RDP84rKtu0Sbp3f_R7b4Vga_C41pgIHOoWfLyG29T2eWoMyGDkB4gbtSxsbjXAMuuqGOeCKYtUlT0Xf5i52umu_H3GM67N--nAnZ4sI4ikOh1jbCEyW8XTJTqbpPUosAY5jkFqmnCfSxtCClpYsZ05uNg7Yu4firlYU3f1vrNkAOBYGWOkytnWg32esjpLTqMJN0jWhLvhcaNy7vdthz99V-Uq5dexuR-QhGVpWEVC4lVuDFxU1RGq2HceY3M0sRAo2Ls3FNDrOQCmV1yU47NAON56Q7VvC2ICmJNh2MwpDzEa4hXy8A7Jx1x_SCsAWu0XGs8qe-LqSqH6r2Me21anAZrfa4OQUd-aLamsguGEo6gkOQHSxXmcoq1Id2wxq0D6j4Jbh_4M3HByakvr0LAyxqOUwv4KrvijM_6HXfmXUUjaH8ZSXR1fn8C1LkETj0S4Iv64xrW9jj9j0b1b4KWdGgX4qGsRB3D_4cvzS_nOJKsp7YZ8YUjPV1ujyCxKLoRaKJSjTPHiR-1e7C-shAxJm75fhXH0sRaplB7oIIAPtx2qM6JtzySoIkokB_JBh3gFu6WDZtaqrFU903IQuvD7Agy1Swrrbr8DKx0NMqG1r3hXfP3fJlAh6b3uuHcrSlG5mzytvVsPY-aZyCT01p7xhz2COFsT8hANYCg0m4NVpN6N9667DJKNRo5auSVQ77E19RvcoqMrLTDHDHaedMhEivJPusk5MfEjXfo0i5X6I02aFxZR8wko2TtTorIhDAYxznMYELzY9vGnRp4bLKMWRxoNJdGyirJAv9BgAlZALvfVECDYJmTxs2qCYnAvZouOpojvogO7fnDzWtWFwBB8i9hcGmKH7F1sTHkNy6RDKwk_kfEgEzremtlJfMFCI__8-ux8z4Zxvz3xEbPM9L3uZwlAoSQvaSffVp8d2QTgcb0ndDf2qQoZVYNCKMU5EjgGwqx04M9XvgykKKQOCS0ibZejqFN29yeYHWy5it8yQLmQnF0YMztWqtgGXdEBgkLEB2XiI0tUxGRcol_ZnkQSWOSndmFr002uc1Pc154x6c_s6wEeoS8XUN2cRSu8q1cTKYaUiJcXKQA4cDoE29CTAOeKITZFjcZ99RKi694DFJeU5i62JO0vMU829x-foy4QhYTvye3bR_zwNd5CwRFCXk88cj47lHAVxm8-oOQJUbw2V3R7faw5yM45cOtL4FEYw6CMehKTj-Ii_FIHzWwrofoUdulabBqOceRCp_FP_sAmjgHIG4zGKSG0F_mw0IAW7lMyyFeX7sRYNF82b4_f3XZbiTd_P4YF5xWcQjjin4ooKKsR53gU0d71qP2Ql24eIaB3Z5-I5Nut2ahiztjXJDM2hB4eF_JdgrcRupzW-riuTx852ojdGoaRnGgRPJaT31FOk07QlBO4ddLB8qS-dLBlQl9EGzhAn2p18aTDyV15Pkjap7a_NdJHh_P4FCpTaW8USCZCg1hTdKTddoxIOQJd9lP1rldUN8aVUdrWcOq6dsODcsfs5IHrANLYqvetsR8-M_qUISQ0hVT2ajau8XykXV-dueEdlD1Ku-8ba1wmY202LB5FMNEyctyIMGfhSq_tQraeOwgWUA1cHP1gAcy7DTLqxpQfyy1bN_Io6JNNSr3Rpg0CeEPS0nlfnf7CHrD-_ReUNVwiJnDLQBEUi0OGwSkigjmBtYkvYGKoRdDqjh2OimwS55aw0hu5VCr15e4V_7B1VI1QeBIATjbM4OouCoqkvdf07lbD4Q4rzYacfW5XpA5gcVwSNfsZimyfHeV45b8eSs8iKtic6oMZf8J5zN63uVWC09zmEj-OimFpKXocy4HKdB0Sm4s2xmCXH1CLmaZ_F-v47Q3cz-S_wEG69Wy3urj9GFGTjuQLNOtXLZdRjrXAWOLMN54AjVg7jvCrq_F6MA_iId7tF3eHI5n1mDe3tsw6p4E4ZDV8NVeKmzooUVA9PlSxmwtFBnh8kgc8m5yhJn-IRIpkGeiNmwzcYlhDfc59t850p2CqQd0bVartNNOFbBGyQTtkCpDg6p1j2QJu-qQvXEhma8XdfVHxUMvhiXoJBhLGX5iZEm81AS0nFkIRcEuYJ-HmqTaacPLMK5G4wuc27xO3JhdxiXFvuPPbNiHToaz35HDo5gXTRCnaMgdFPAqNOUPMNzcVGCZA80a43cjiwafS6a0EULrjvVE-N5tUk98xZ3vN2-UpMWT2zHsYtlYw1Tx8rqnMiFX2V-tpZpZby-h5kZtrgT5Au9rSZzPxklNiZgZKvctKXnEhNRpsdwGro3IgsjiZWAxS8iFUQ9TSdqXIyF5DUqvQQ3X9bbYHwT_iMX51q5N_leImwfXEZeIQqv0Bqd66nhmeDmxp7zirygwBs5b5Ba71YHQRS-qnvRxmVcwB9gabthkAaiTqCjxm-Vk4oPZHYqVdCnK2_KH1LINNBJaBAiKm5Oa0cl36KvOA1dKqdeFUd-C_JGVGC2s-qMPD7itF9SJtCzq0NDrHy7RGMg5nx6FZbuq2W-mzieG4csXG4V4G2SDfitavJlmvfOlGDWI_exouo3URAgAlBAPmaFhI4iqb63q2owsZ1HvLItpBuktL3LdenmYskCT1QYw34yvFZWfKlU5PgONYN99OebUWEu-E_IzjrY07ZfeJw3x-GZFnL_AHxRyQ3SgGuKDZphhzWgvkTeRP3jFNo7NCHUWQF6ZH8VmHLe7Pt1fSY3-LRCNdem_P2W8JTeReerlwPzprSchwroPIcAhb-OxD5cF2bI44rmiXfqdE5GabeKdJ31wh-JGaEJFcJgRoWTL7exqvFDtdU6m6biNFupeSCWtDeQ2TYaoOJ2a6wTd-Va09KFHF291mhxcMGT86DyU0nk3AFQMLEWWpDuslTsWXmGQy4Cw6xV4u0egabPLls5bh1DKkqCWU1KPKA_lgVgoli5TumIKU-vKiY6ybQd6ROiXcz90kchtgZ7IScKV21A5HpqtvIvRceVZJKODoD8yTd67G5YXk0Sb85zlQABJ98k0DYNYeMQIK2H-cg8ZFW9nyuVVLwenestPPG4pbGsQ6ilLczKT8lsRw3UqXT_BUpjRT2JyMbRHKRQEGrlcJI9NafJXKxqhpKXX8F_qTXAgdcInfzr4ROefkLDp2WPIzdNWKCqPfeQwsOBKe_hXuc6i5LzVfXaDj9VxyAFf3oP_Vwyn5v6ydoIf-E79nZdhLUnxddhj5Qs5SYv_zwxogEhVoeLseh0zKKo92o9p_IjP0v9_eFMlEjVZnK1jZ9vctqPYTVZb0_wGx7kqDvrh8YePyyE1R3aXn-3HBPr1BOrvqggaIWhIG2cApQ9VH9ko6h87xdEIBIvSEdx0oyBybxduP3p8Pb6GRNms8ba-UoSqc1T0_GN6rhQjWXUCEZNEW6jDF8-VvhiA1X-loRXIjlI1FNdlAzvQIQy2IIk-c918rSuQSrlUjQcnMaeeMrzCR-GpC0IlAZoViavpMViDmrioAwNZRFzg9PpBwXutrIlP11lTK1gvzefniW0YgJQViHcruuBZlCc6uGCHzBKgPV0AMV7LeY4DciN67QKeQDLuyujT7G6nx2YkeIH9tkLjVYQRmMQyZWpYO&cid=CAASJ-RoIRzTlkRha0y-66KR4Peux7RE8hejUpP7lvq9jdqfyrPK2SoHbw&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 08:42:47 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame F4C3 8 KB
3 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 08:38:10 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F4C3 0
622 B 225ms
87ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUAmJD4LBGHSGZ-diJ0StYozNi0ERT9aK9gmeQSFI3Wy5tc2nwE_9En0ATsPxshD8FQrAmHTmWTAwCHFbbWvDutEncXNgjYqacOErExyD6mF7u8d6rubUTg4QVCWAJ-wxFUrIWw7XwQr0GurI9iGQlFN_nZI-lSuyskdT2-X5BeINIsAGdDzDEYZHzsDHcJsyEFXcRPnOflx4Fa61iBC07dS32wGAPm8KoKQ60jv7bU5FbEwpVPJc53JtHt2VgyhDjvwJ8QMapatjakF7RZqdV-MlFAGFMMEciuif_61ueSRcOopXwPa70gc5Jej0fAz4-sCfCw73ztmR-JanEx72zNMwRYqyL4Yf4TnAclql7XvQ_8gInim7IDBOVhl5OB59ljb4RCtxjEqWVSOSQv60yEFODY8hvlPSRMDiCSv6PjE4X5VNxbJMyjJel5PDxssqpg9VW4XY4Z_JasSxaQBwkvrJuVXIKgXGDMf8eMRW57j4Jk7uer61Qbcbqox_54RmrZUoNu91bJHyVgM3p8Ctypoq97kqhvmbuB06pbc2FrLkevRNr9sypIWaZL81icrYZtDe9p_-q0o94irIaBgenC_3jXFQU8zwLX3UHVkxRC4Xev2Vv3xiYs6G1mqzRhfLL5qJxAn272wztgtPaniTTP5mjhZNPyx_Fgd_eRmOXcXlfi9ytiKaZbo9bNThqNj1WzuvmqU5lXQilSC_284_A5m8vN-4SdfKgCIsGiwlMSVGbF9Sr0iHGiN-RSPHmYk5P6SQm1Dp2MSujqrpStB4VSjmPMvNe5Q9mLBY7oyBWuosdb_UsiaPplvZvHNFcImDt8zin5RLn4kENU8uSUKUtwVtU7cM4gj2wCtFmBQa0Rkzu1Jyxbeo5phJPkD7tornjUkuPTKnDDQRlT90wI-exELMqAbMvBgG-mVB68K9qr-IdQ8DtNfzcfdQ2ZdyTrMbRmb1IcZACsqAW4CXpHR3ZIOp7lIvFbU-1CNPXJ3VWvlrQDBTgc_om8KFHdlT6iyw273AyWOkl0kEnnQtdbBfnbq61wDijLdKdrT8A8KJA8FJF5c1cIn7k1u_eMKVzvPMMXdC3KQT3FKAiLHsMSn16q2E7ngN83q4rOvp6Xg0ZpzOmDqN71WA4jF1w9gK4THAx9LCiGqDa4J8NsMruhWoT3dZxGfcWqCNeS_1xSzxd5mu9olmbKu_7WUgjHQtGGIMVwmAh4eZ3Dy_0UBdbF2XzcYNt55Ne5Qn_ySrrKUzlJzDakf5Q9nmW3NasQntLaw51_44&sai=AMfl-YSPhLfZRle29lyTbfTh5-RiAyQfb1pZQyxYFayrAcEblHGJEpWhqTlHWTdXjcOLKkQRs49CT5BHkLvaPT2dhO_iwlpp3M1J71xaYbwAMcDMYKUc_FJdC8MQSae0JhDDZrvca_-1mUGrQ8zmAajOtQyiPWzlWM9nLEm9-1SamAvy891SzZBCfig3BdcxfQ7NTsDoQmyt_Up78ZZ4Du4JQrXdSJXDpsZgVw&sig=Cg0ArKJSzA2CBoYeZeLMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220921.05544&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 26 Sep 2022 08:46:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK tfav_adl_57.js Show response
j.adlooxtracking.com/ads/js/ Frame F4C3 64 KB
23 KB 193ms
71ms Script
application/javascript 37.187.28.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_57.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRswPKMnDWqesvFAknuuiBxsf8wu7thyoCN07YU_GLSpItGD5giLjmCy6pjgbswg4fI3CNcdwMQ1UjYdVh9iwhIRS9sQ&cry=1&dbm_d=AKAmf-AiEkf2i4gwwbm7241_iVaavekYa5oQYg32XyluF2RDP84rKtu0Sbp3f_R7b4Vga_C41pgIHOoWfLyG29T2eWoMyGDkB4gbtSxsbjXAMuuqGOeCKYtUlT0Xf5i52umu_H3GM67N--nAnZ4sI4ikOh1jbCEyW8XTJTqbpPUosAY5jkFqmnCfSxtCClpYsZ05uNg7Yu4firlYU3f1vrNkAOBYGWOkytnWg32esjpLTqMJN0jWhLvhcaNy7vdthz99V-Uq5dexuR-QhGVpWEVC4lVuDFxU1RGq2HceY3M0sRAo2Ls3FNDrOQCmV1yU47NAON56Q7VvC2ICmJNh2MwpDzEa4hXy8A7Jx1x_SCsAWu0XGs8qe-LqSqH6r2Me21anAZrfa4OQUd-aLamsguGEo6gkOQHSxXmcoq1Id2wxq0D6j4Jbh_4M3HByakvr0LAyxqOUwv4KrvijM_6HXfmXUUjaH8ZSXR1fn8C1LkETj0S4Iv64xrW9jj9j0b1b4KWdGgX4qGsRB3D_4cvzS_nOJKsp7YZ8YUjPV1ujyCxKLoRaKJSjTPHiR-1e7C-shAxJm75fhXH0sRaplB7oIIAPtx2qM6JtzySoIkokB_JBh3gFu6WDZtaqrFU903IQuvD7Agy1Swrrbr8DKx0NMqG1r3hXfP3fJlAh6b3uuHcrSlG5mzytvVsPY-aZyCT01p7xhz2COFsT8hANYCg0m4NVpN6N9667DJKNRo5auSVQ77E19RvcoqMrLTDHDHaedMhEivJPusk5MfEjXfo0i5X6I02aFxZR8wko2TtTorIhDAYxznMYELzY9vGnRp4bLKMWRxoNJdGyirJAv9BgAlZALvfVECDYJmTxs2qCYnAvZouOpojvogO7fnDzWtWFwBB8i9hcGmKH7F1sTHkNy6RDKwk_kfEgEzremtlJfMFCI__8-ux8z4Zxvz3xEbPM9L3uZwlAoSQvaSffVp8d2QTgcb0ndDf2qQoZVYNCKMU5EjgGwqx04M9XvgykKKQOCS0ibZejqFN29yeYHWy5it8yQLmQnF0YMztWqtgGXdEBgkLEB2XiI0tUxGRcol_ZnkQSWOSndmFr002uc1Pc154x6c_s6wEeoS8XUN2cRSu8q1cTKYaUiJcXKQA4cDoE29CTAOeKITZFjcZ99RKi694DFJeU5i62JO0vMU829x-foy4QhYTvye3bR_zwNd5CwRFCXk88cj47lHAVxm8-oOQJUbw2V3R7faw5yM45cOtL4FEYw6CMehKTj-Ii_FIHzWwrofoUdulabBqOceRCp_FP_sAmjgHIG4zGKSG0F_mw0IAW7lMyyFeX7sRYNF82b4_f3XZbiTd_P4YF5xWcQjjin4ooKKsR53gU0d71qP2Ql24eIaB3Z5-I5Nut2ahiztjXJDM2hB4eF_JdgrcRupzW-riuTx852ojdGoaRnGgRPJaT31FOk07QlBO4ddLB8qS-dLBlQl9EGzhAn2p18aTDyV15Pkjap7a_NdJHh_P4FCpTaW8USCZCg1hTdKTddoxIOQJd9lP1rldUN8aVUdrWcOq6dsODcsfs5IHrANLYqvetsR8-M_qUISQ0hVT2ajau8XykXV-dueEdlD1Ku-8ba1wmY202LB5FMNEyctyIMGfhSq_tQraeOwgWUA1cHP1gAcy7DTLqxpQfyy1bN_Io6JNNSr3Rpg0CeEPS0nlfnf7CHrD-_ReUNVwiJnDLQBEUi0OGwSkigjmBtYkvYGKoRdDqjh2OimwS55aw0hu5VCr15e4V_7B1VI1QeBIATjbM4OouCoqkvdf07lbD4Q4rzYacfW5XpA5gcVwSNfsZimyfHeV45b8eSs8iKtic6oMZf8J5zN63uVWC09zmEj-OimFpKXocy4HKdB0Sm4s2xmCXH1CLmaZ_F-v47Q3cz-S_wEG69Wy3urj9GFGTjuQLNOtXLZdRjrXAWOLMN54AjVg7jvCrq_F6MA_iId7tF3eHI5n1mDe3tsw6p4E4ZDV8NVeKmzooUVA9PlSxmwtFBnh8kgc8m5yhJn-IRIpkGeiNmwzcYlhDfc59t850p2CqQd0bVartNNOFbBGyQTtkCpDg6p1j2QJu-qQvXEhma8XdfVHxUMvhiXoJBhLGX5iZEm81AS0nFkIRcEuYJ-HmqTaacPLMK5G4wuc27xO3JhdxiXFvuPPbNiHToaz35HDo5gXTRCnaMgdFPAqNOUPMNzcVGCZA80a43cjiwafS6a0EULrjvVE-N5tUk98xZ3vN2-UpMWT2zHsYtlYw1Tx8rqnMiFX2V-tpZpZby-h5kZtrgT5Au9rSZzPxklNiZgZKvctKXnEhNRpsdwGro3IgsjiZWAxS8iFUQ9TSdqXIyF5DUqvQQ3X9bbYHwT_iMX51q5N_leImwfXEZeIQqv0Bqd66nhmeDmxp7zirygwBs5b5Ba71YHQRS-qnvRxmVcwB9gabthkAaiTqCjxm-Vk4oPZHYqVdCnK2_KH1LINNBJaBAiKm5Oa0cl36KvOA1dKqdeFUd-C_JGVGC2s-qMPD7itF9SJtCzq0NDrHy7RGMg5nx6FZbuq2W-mzieG4csXG4V4G2SDfitavJlmvfOlGDWI_exouo3URAgAlBAPmaFhI4iqb63q2owsZ1HvLItpBuktL3LdenmYskCT1QYw34yvFZWfKlU5PgONYN99OebUWEu-E_IzjrY07ZfeJw3x-GZFnL_AHxRyQ3SgGuKDZphhzWgvkTeRP3jFNo7NCHUWQF6ZH8VmHLe7Pt1fSY3-LRCNdem_P2W8JTeReerlwPzprSchwroPIcAhb-OxD5cF2bI44rmiXfqdE5GabeKdJ31wh-JGaEJFcJgRoWTL7exqvFDtdU6m6biNFupeSCWtDeQ2TYaoOJ2a6wTd-Va09KFHF291mhxcMGT86DyU0nk3AFQMLEWWpDuslTsWXmGQy4Cw6xV4u0egabPLls5bh1DKkqCWU1KPKA_lgVgoli5TumIKU-vKiY6ybQd6ROiXcz90kchtgZ7IScKV21A5HpqtvIvRceVZJKODoD8yTd67G5YXk0Sb85zlQABJ98k0DYNYeMQIK2H-cg8ZFW9nyuVVLwenestPPG4pbGsQ6ilLczKT8lsRw3UqXT_BUpjRT2JyMbRHKRQEGrlcJI9NafJXKxqhpKXX8F_qTXAgdcInfzr4ROefkLDp2WPIzdNWKCqPfeQwsOBKe_hXuc6i5LzVfXaDj9VxyAFf3oP_Vwyn5v6ydoIf-E79nZdhLUnxddhj5Qs5SYv_zwxogEhVoeLseh0zKKo92o9p_IjP0v9_eFMlEjVZnK1jZ9vctqPYTVZb0_wGx7kqDvrh8YePyyE1R3aXn-3HBPr1BOrvqggaIWhIG2cApQ9VH9ko6h87xdEIBIvSEdx0oyBybxduP3p8Pb6GRNms8ba-UoSqc1T0_GN6rhQjWXUCEZNEW6jDF8-VvhiA1X-loRXIjlI1FNdlAzvQIQy2IIk-c918rSuQSrlUjQcnMaeeMrzCR-GpC0IlAZoViavpMViDmrioAwNZRFzg9PpBwXutrIlP11lTK1gvzefniW0YgJQViHcruuBZlCc6uGCHzBKgPV0AMV7LeY4DciN67QKeQDLuyujT7G6nx2YkeIH9tkLjVYQRmMQyZWpYO&cid=CAASJ-RoIRzTlkRha0y-66KR4Peux7RE8hejUpP7lvq9jdqfyrPK2SoHbw&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.28.21 , France, ASN16276 (OVH, FR),
Reverse DNS: js13.adlooxtracking.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d36253140224d3e65922719329cba306a98af2154419ee3b571399b1ddc0bdf9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 08:46:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 10:16:32 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"61b86f00-ffaa"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F4C3 41 KB
15 KB 134ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 07:32:47 GMT

GET
H2 200 11365344273383678206
s0.2mdn.net/simgad/ Frame F4C3 90 KB
91 KB 144ms
42ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11365344273383678206

Requested by

Host: 21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com
URL: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1e69cda9af4f31a3cbb4f3c2ff7aae63a034d603d9438a72da94369ee88387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:38:52 GMT
x-content-type-options: nosniff
age: 442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92261
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 12:54:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Sep 2023 08:38:52 GMT

GET
DATA 200
OK truncated
/ Frame F4C3 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 760655965d7557c01773305fc9efc016407d132cea5a7a86a9273aca6f95f5b6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0D9C 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 522807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 07:32:47 GMT
expires: Wed, 20 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D9C 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 21:45:06 GMT

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame F4C3 8 KB
4 KB 116ms
51ms XHR
text/plain 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D7%26scriptname%3Dadl_57%26tagid%3D529%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom1area%3D50%26custom1sec%3D1%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=nmp&campagne=57&banniere=0&visite_id=82625170982&seq=0&timezone=0&js=tfav_adl_57.js&date_regen=2021-12-14%2010%3A16%3A28&plat=7&tagid=529&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=9295572&id2=27377933&id3=330734833&id4=5325044&id5=167969499&id14=%24ADLOOX_WEBSITE&id15=display&id20=614b730&p_d=0.051&d5=598&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=frame%20without%20title&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2F21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&url_referrer=https%3A%2F%2Fvsim.ua%2F&ao=https%3A%2F%2Fvsim.ua&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: nginx/1.19.8 / PHP/7.4.30
Resource Hash: 02cff5503cc397bd97b4f66065c8096550302a012d15c03cf936cc1566862439

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:14 GMT
content-encoding: gzip
access-control-allow-origin: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com
x-powered-by: PHP/7.4.30
route: ads-prod-dcf4477bc-95f7n
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
server: nginx/1.19.8
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin: *
expires: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F4C3 0
26 B 161ms
79ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D9C 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsOoZ1WYxY_i4OZez9u8P9aOVuA8AAAAAOAHgBAI&bg=!-vml-b3NAAYIxsuQKMY7ACkAdvg8WuVWmZdmy0SkPZa6yXFHfwGVV2AA2LnSSd13t3fdzycX8Sj05QIAAABKUgAAAAJoAQeZAuefTs5qR2k7v01nvFkJ4fQjPlmovFGMZbxt5ei8Ix6rzDzGtpakIkRkF1czZLQqZMUuOrZwgrqgNpuEtx9_embDJtMpdhhphmHCgLUiWDlswc1F-Ojsl1KZUbDuXKW_6pqI8g-GaUulYywQtoBfGM-MqWj1TpSRn4rWKtJS6DcwzGHF3AbF2dMIPZURVPIUa-PU12IvEC0Ze-jmNGjd8RnszYbz7_9PDZYryM1gUN2KFQZj8jX6rgyxyFU96PAxot_oNrX6Kgtyd17OWVupjz-IboXyNoct-i1XJS3PvD67G0LewF-pt3gZ6PIqSFC8177GI3zx_rzQ5stob64hlPX4DcfwztJvdLZXdxuCTPJ-kXxLL84JEyiMdbgl6FCd-bQh2FYSqVXsxVMlB345WpbGfD5yODpslBB1zE6JnUTSN7Sk130oFzmlfAtpuVIVgCk7Poa1OhXLEMBv0_4MY2OdEsr0VjQfVyGmQcAAlQXIVQlNkwr0a4eTVhdSchdqBBv7XCIrCOjjphycOiYLl3h-O9bngZS_7gPxKH7CUxO9mON8zZvPBl1yKLJCFD0328U-aARe2y1kDZbC12PtfzFVsUHz-0I7EpLh8c_uBV5HTAbqsarbBduQ04eTcmRqLDDPwC1To5Qm-Gj8LZGkYLdv_qeiKNsRpC3QZZmxQc1xQOuNs_avLx1TNVnZTef66LIi9j3tuZVFqT1uoNCdcUBe-b8lcpJQ-kkrYPUgXSXmy-lPmzQBRLLIQvG-tNmfqDtFjqtjlrtxFbjQsLg_EwiBWXxHEN7WMOuBdjKz5auNucO3aUTJt-eycKGtn7uDS7YP0uh5hMbPOCIfyNwhqe2AUHUT0mjB7kjQwYk75SrE0ynBiPo7IRSFEh1-USVx7-SMW-6d7CeVTZ6F-tIZxnQPUCtr0BMNgaZH9ZziJelNgpphZrpZ-q_Vv-AuOuXPIkz_dGJqjWaHEQexMKm444qR4n67N6Pn9w

Requested by

Host: 21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com
URL: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
218 B 60ms
59ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462272/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://vsim.ua
Date: Mon, 26 Sep 2022 08:46:13 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0079 0
0 83ms
83ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssI_YPp1lMEFLnSQ8y9o_dCnXRvGDT50f9W7mfcuXzYYd7QQFMcEg93LVozO4vA2OYyKN5pajxF7w4Vy93hoED7X-rYWCys7fgz4yjVGAI2j1nfQ2igg0WZgdTMyQpU3KHKoqWy7WGHI0WFXEy8U_cbikCgbidrQKk_yOJmiKhKc8OlgeQHjqfUG1Nbx37ys9DrISRI6R50OrXwFGCWkc8LQqyAF09HsUUav65W7I-o3NsPGlunZXApjJtq-s3GXLKeoiMEPqyOmq2DzsyxgSpQigmF8HiQOP4EWDEIKrwFdnROxLQ-HvbD52xg0HLF74rU&sai=AMfl-YSHKt0eAxrWJGvTtChYp52K8yN5Nray7uJtdtzb8Ju-f-c80VlBsnE_qlrlXW71Y128B2qgmf3HjJS98LgkiDBZJ4Ak4F9niN6SgUp3DqvFgMFw6Ks26knSzDSONw&sig=Cg0ArKJSzC21XR5XQB37EAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 0079 23 KB
9 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 08:38:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 0079 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 08:37:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0079 0
0 150ms
53ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8k5kcwZVNO-_VSiNJ-IYqSr_6YlSbSRb_0wne3YAyDgsYkjfdezHUogg8XY7YRuzYeuiivlFsu8CwH2YYfujuDrr0Rw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0079 140 KB
44 KB 149ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 08:46:15 GMT

GET
H3 200 3727030250312727360
tpc.googlesyndication.com/simgad/ Frame 0079 144 KB
145 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3727030250312727360

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b7dae5b6b79db79b1f08c73aa1da73491c195fdfeda4287121443d712c58f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:23:26 GMT
x-content-type-options: nosniff
age: 577368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147938
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:06:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 16:23:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE25 0
0 83ms
83ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCuWfwxNAYVQRLlJ58GOHon6TVKcKXAdT3fxTeIUvxAeNI69FXTo7JnMQXUCoJ7PQnUv8aD9l1Q5OLY9oTn7pF0D8dbtpIwO4u1s00RSyHeca1B4QnhdV5HM787zhpHU5xx-4IwAyrnQYNV5z4DCpOmjwJ1gRg3WrMA-_95q3BmXrK2F1xNJa3kFVdOf3E3rZ1F4gfaXgllHVUYUnLQ-29pVmmZ5vW7BaYDjDec7bnz51HrVdfhv4wLp7j2De8jcfABuMOYyHaP3Y5XSus0oeLQz_3IZsRMKhXmAVW2r7umee32jSw_7cpewXTd1uQ5o97&sai=AMfl-YT-Jwff6Uwzko8H1yvhdHROqVg0W2iG7mlNszJyW6Gq4hKVsBiyfpvRPslIay-DzcylvG953SIZNDcgIXiS8kClSzbYl6ePAOyL2ncnU55dmScLmUkN-segF7BoQA&sig=Cg0ArKJSzNKI8zMJM1fTEAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame DE25 23 KB
9 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 08:38:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame DE25 3 KB
1 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 08:37:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DE25 0
0 140ms
52ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJrA2Tin1_S2MdTonzW05cuCim8fLi1zQiKFlnM2q4ZJu-CP-E2HFpE5gamFGYL-Euh7LKNnaGjVELS96T-ei2NEE9ew
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE25 140 KB
44 KB 158ms
77ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 08:46:15 GMT

GET
H3 200 7505058470188652144
tpc.googlesyndication.com/simgad/ Frame DE25 58 KB
58 KB 64ms
63ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7505058470188652144

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b97e46a5cd5da941d8fd49a3da94a844b704cdb6186bc9dfa34cb2e1900cbb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:23:44 GMT
x-content-type-options: nosniff
age: 591750
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59457
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 08:34:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 12:23:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2BBD 0
0 81ms
80ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuEfI4ULdtJCfgFcnzf63dIlZdepYKJDZ8HJqY4O45E3kNs4kc8YNp6Jc8wEsCayCKAvbSCz5rqWlPTG3K9jY2gXkL4ZIJ-gNe2ej2ubcjNZxMaNgW6tMmoHKL7HFumOqzjBeNQAzo6KMH4SdpjVulSEiA0R8vKgdbhT1wj-uS1Ty6RZt17o53ndoSZQWY4kdlWf79V1Z8C2J1xNizbo5ycQwi-vmzzpcWifhtV1Ypj-pJDcp4-PiNqLLIk4pbuoda8tWxFnAz5V5JOQtYO5ziNMpXah7JDP9x527VNVcT-t1pkP1Ljrzsmx7dwzYofnKvlQ&sai=AMfl-YR9KcqT_RDZT7MRI1Yxa33TZ6Ow3GxDqCvpOiNjqORPu_sZ33QLr0HtcyV-NRK3Rghb-6XIPDg6jzwWtiTUDg3ZXQ_pPzVw6Yjtdmgr2e06POFrhXedpkvZm0x5-w&sig=Cg0ArKJSzCzAIgEzaHGyEAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 2BBD 23 KB
9 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 08:38:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 2BBD 3 KB
1 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 08:37:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2BBD 0
0 131ms
53ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7JVqXrZ8cPsHK4lvF1pyp4UHKz8U-RUDbJR70cac0wEQ882nv7laTsZvMDBYig_-JAgPCGwelA0KRczfbnaXz8Wb5pQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2BBD 140 KB
44 KB 197ms
126ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 08:46:15 GMT

GET
H3 200 9843603873320928570
tpc.googlesyndication.com/simgad/ Frame 2BBD 157 KB
157 KB 72ms
72ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9843603873320928570

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d061022e4ea64c3f0dd5b563f06df4bc006c5d6eda4fabae0e4463c7dd02afc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:33:00 GMT
x-content-type-options: nosniff
age: 504794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160652
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 08:51:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Sep 2023 12:33:00 GMT

GET
DATA 200
OK truncated
/ Frame 0079 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0469bf673e1858b7d9fc2a04871039b10282e78f7c8d7ff9ed1eac1adad8bb0f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DE25 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34bce76ddb6f1d83453233eb68dc19f5f8d1734b6263bddfd77a5f0edd7f4f3d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2BBD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69115d69ba345261d265bc9158cb3398a97de94253605eb2664552739ab431a8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0079 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvT3yvUtqcgGJbmBja9OaZ8x60fC02Dt1YeeAc3kERAK4d18vf1aJGbUqTpj6YUnFoRvFeoYJuT_-jFP554XhSAQbrGcDXt-60JoLhS6M3rmpqcDteNTklzPiM2FvJyZdtgb6j38icZ21EKF20tSZi3pPG1AR2FY3OTIBGMdPjATTWiP5dCnZkYAKtWy3LapEPr8nsVkp75Si4-aiT7QQS0S6kLpo1W8JcLA2Ppe8Aog5MkDC0C9EujrmACGl9Nw4NVhW1jS-Eg7ItOAmKW1PjptRyeqcsTbnoc29pfqB6LOTM6zHuj-wRo3ZqZ8sttSieyMtE&sai=AMfl-YTmPDETsdpImUG85j2__Gi7-poLTALdLFC_JmpEQXJj8vXw2oYfzS6Y2w-9z9F9VbvTB5pR7a_eNvZfYPEo-ptbk_VYSV7sku9-GeczXEvPJDhIhATC_s7fXW3dZA&sig=Cg0ArKJSzNy8hmN1H6KSEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Sep 2022 08:46:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE25 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthpyrLQCK35yCwm96IqnoDcCFsxo_7XY1QBiyewrJEymHZAapggeLZxwKg9B2kwi-4TpRXCmOFlN76Wv93tgxYpTjUwukbPatFy7xIeukIp3CRuvwj5yxYp7Nz-O0MU2d57NkTc_ahZUcejeDg3By7I9IyGpQ0pBMlCBR_1D854mYlb4s4ePHpABGdQpQM1XWLKsJ8S00dut4pAgBLegNSplW19OXfurg2XVxLBDpZxSQes6c5z0vcZkPrqSATNDW7ttDMvhaHJKNyDgrmakD4ybgqfBF_W-lchZZ7ItHocxmdtWaTT9LJbdYYJR43mVpQveA&sai=AMfl-YQwO5y4GJ-l8IU2DLdjr8Xdx5mvvsCUph_rpb2n7XCIvpRrbnKVkke9jYooz2GlJea6hoKN1pOz30aXg0LXZZu_XlKrom7clri35uGPbn73iVTVhR2BcFuecUFoTQ&sig=Cg0ArKJSzKrcszDvdehdEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Sep 2022 08:46:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2BBD 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshuwHe3Kp5mLTW7FCfUYVbeRhCDAWfwpVcxc_YHMjna77pY2GRC6F_o9uosd-I3Om6hsdWOS_GbhGvYWfsfZeOjON8dO63V0zqvDxMbKLuDEN3tD0iYBl_WciT0NgpCE_l7HKAFZYCnm09ldXcLuzYCcfaARemrrT10y96A3Fjq1d2ZOCsCH4Ls88fp6Gf6nRSqyNeQGnhDZ0HoQQhmsVkUzo077fEFrcieoqxsAyixTobCym-7e4nCdfh40_5hwDAUV6g-CuoaKzpQ9qPw-PKX-eVHvMR_v3VK2QkLKn0Tov-8H0eu6gZ27qVD5Pu9cJsQMn5&sai=AMfl-YRbzs0SesRDAcRQ46vOm6I61j1VaivDY7HdGH2Njh-KV355AyTSyb9PSSJiIMuPmO1yGUA0K7WBEQnu1cEcQqkN8u-p4z0AWSmXKrUKuUMOx7qB-4vAE8ghCNN5dA&sig=Cg0ArKJSzNFpS7n_Ve9_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 08:46:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Sep 2022 08:46:15 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F4C3 42 B
64 B 166ms
79ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKMuG1eYnhG4pvVSI3v7_9NnWIZXGU6Txeux2De-PG7aXCmdMw19W_JdjFVDcD5zNF0AIVDRhht9VXMXHDrmf94BR6Wo0peyNor2t5luxI3qc1u1ESicY5rsMb9GVonwO0MzpJX38&sai=AMfl-YRAQ4kwc21xqt8dVq-5Kkzr-Cf9QxuUwGKjOMPxt8Wb70UVyIWYsfvm4mnzwKOTgINf6_C1BzW9bIgasuPFzyBPcsi7aV-A4TOmm27CFxNi8oA8SGTc9WadtBBxN38&sig=Cg0ArKJSzIHm7UdhoX-fEAE&cid=CAASJ-RoIRzTlkRha0y-66KR4Peux7RE8hejUpP7lvq9jdqfyrPK2SoHbw&id=lidar2&mcvt=1000&p=228,1092,478,1392&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=978356717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664181973640&rpt=655&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B2B 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 4483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 07:31:33 GMT
expires: Tue, 26 Sep 2023 07:31:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 950F 783 B
535 B 135ms
51ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92b74083244984ba6ec4f078d00cf08281897e965f2a5d0541b3dfaf0fa4cf91

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JBLXOVmJgb-1uj8RSXHMIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-JBLXOVmJgb-1uj8RSXHMIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 08:46:16 GMT
expires: Mon, 26 Sep 2022 08:46:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B2B 36 KB
16 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 21:45:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 950F 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092101&jk=495332278511898&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5B2B 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?p_W19w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
78ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092101&jk=495332278511898&bg=!9_Sl9LDNAAYIxsuQKMY7ACkAdvg8Wo4Ipg_IPano8svdr_oZBDjl0_PXc7QSR15TdouZVaLYVEKolQIAAABaUgAAAAloAQeZApS7lYsDvTL_-yE1XAf66O_xuFx_dyh4nYP19jVVNALmKS314IQRtnByhsQK1Fd8RoeY1lRkoS15TJwWs2lfhNyMjjgK6bNSzXldAfoNWQQu961wEIo4ZPgUP70xkAHlgdfU8ER17RjAwndeJFHlhaXMCI8K87mcDkVAtYsxqo_QeOdlHUldE4IBwWzlzGhmLvfNVz5yIVRd0hY8InpNC_zI76FbcNQmOMmzYBedBgmlz2nSPX1XVOFn5sRmWzNwrZNjmoMjSeWyO2NnKUU7XpgQUqWDvPtopGlEydt31NZdrT8vpgQMTEaGSfp3kCXnR9cB31EWq1hg65e6GDyj2B0U9paclGi8iU1GMvIoSSKtH8sa_4JDyFkRO5lfQ0uzxH-J46zsrpfOhotJi1LP6Sjm1H2dTG_sAGl6d4IE1x1Jv0pRwv1GfLVbVBRBx4ClorbK8Opc8gpYa9ZcHft7HAzB_1Tih35HBcpYW8HTo6-QO9W45QtkIOavJSmlMu_04nFDLeuVO5e3JYT_yF4FCFeB1LnvkXD75QPn8ncRoGQnxJEJrz9SdlfziaEqZR77OBWlveMTPA0DrNa5rlJVqDciFQdW2gWWeGi9uAxt7ZfrhMfw68bzA4rHusn6ynZCpSjdCaRIsALtMTzlu0dViUmVdjv3-GljXd6g__wxlHdZAt8Pq4wybf0GqMF5-ZH4HuILqvJ-Iva89iF9uYYAUDh-OF0CLe1LzBsJe_07Nvm2YvMyNdjVQ7y2BOYBw_EX9F88haE2XkLncddhcUZ7DdM84xuvC_-_P_OshnKqOS-OsCJJ3SIiwt79w5ngEQaabCBtrNn_EGXS7uxuG_F1FUBUrZm7IqhFJDbQLcRV-K7mt7uX_Ao
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 194ms
66ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 26 Sep 2022 08:46:16 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 415037
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=dJ7VE3xLeTFBUUM1WWduZWJINjJnWC9ETDI1REs0UnRuNWZOMG1Xd1J0RHl0WTREaWlzeUM3QS9rUCs3ZGVKWVFMdlAxdnFlNjlEMTh6dnl5TnlMNmhqOUtQVGtzd0lSampRc1BJRVFWRlp3SG5WWGpyWWYyL2F1Z2ZaVU...

338 B
647 B

106ms
36ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dJ7VE3xLeTFBUUM1WWduZWJINjJnWC9ETDI1REs0UnRuNWZOMG1Xd1J0RHl0WTREaWlzeUM3QS9rUCs3ZGVKWVFMdlAxdnFlNjlEMTh6dnl5TnlMNmhqOUtQVGtzd0lSampRc1BJRVFWRlp3SG5WWGpyWWYyL2F1Z2ZaVUJLcU93b0FQKzdLZkd0TTBtYUVoWm9VNFRJckZwcnVBVFFyekhWWnNoMW96MGZzMEJlaS95aFV5OGlpaE04ZjdOTStGNnhVUm1Ocml3VHY2VUdmMkVsd0pRSGRjU3JERGxMcml0RFJtMm0xdGwzTy8wWW1FPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3a565b09d0fea73ccfd0965ed48acbef916f93bbd956017e77f8a726d94714cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:16 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1435218
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:16 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=dJ7VE3xLeTFBUUM1WWduZWJINjJnWC9ETDI1REs0UnRuNWZOMG1Xd1J0RHl0WTREaWlzeUM3QS9rUCs3ZGVKWVFMdlAxdnFlNjlEMTh6dnl5TnlMNmhqOUtQVGtzd0lSampRc1BJRVFWRlp3SG5WWGpyWWYyL2F1Z2ZaVUJLcU93b0FQKzdLZkd0TTBtYUVoWm9VNFRJckZwcnVBVFFyekhWWnNoMW96MGZzMEJlaS95aFV5OGlpaE04ZjdOTStGNnhVUm1Ocml3VHY2VUdmMkVsd0pRSGRjU3JERGxMcml0RFJtMm0xdGwzTy8wWW1FPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 668501
content-length: 0
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 216 B
617 B 145ms
43ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

301a111de077f70d1112da8ce1978b6eb041fcb48be728e9cc81eb88b0f98d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 26 Sep 2022 08:46:16 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame DF44 3 KB
2 KB 191ms
41ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 26 Sep 2022 08:46:17 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 149B 52 KB
17 KB 249ms
44ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 26 Sep 2022 08:46:17 GMT
ETag: "623de86a-cf34"
Expires: Tue, 27 Sep 2022 08:46:19 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4025 52 KB
17 KB 248ms
45ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 26 Sep 2022 08:46:17 GMT
ETag: "623de86a-cf34"
Expires: Tue, 27 Sep 2022 08:46:19 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame 18ED 8 KB
2 KB 134ms
52ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2e44f11dedbd1b30eeeb1780763ab0c4a53016cc28771cbc7d122463c1fe099

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://vsim.ua
cf-cache-status: DYNAMIC
cf-ray: 750aba6ccace72e4-LHR
content-encoding: br
content-type: text/html
date: Mon, 26 Sep 2022 08:46:17 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8C2D 15 KB
6 KB 183ms
51ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=114331
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 08:46:17 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 27 Sep 2022 16:31:48 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 91D6 15 KB
6 KB 183ms
52ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=114331
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 08:46:17 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 27 Sep 2022 16:31:48 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 96FE 281 B
554 B 180ms
51ms Document
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462272/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 26 Sep 2022 08:46:17 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=da79217a-16c9-4642-92d7-8269046485e7

0
404 B

626ms
103ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=da79217a-16c9-4642-92d7-8269046485e7
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 08:46:17 GMT
Server: Adtelligent
Etag: 18f66a876770a9f6
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=da79217a-16c9-4642-92d7-8269046485e7
date: Mon, 26 Sep 2022 08:46:17 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 18ED 0
0 40ms
40ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 18ED 170 B
188 B 78ms
77ms Image
image/png 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 18ED
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=d00fd008-0dcc-4ae8-8ed8-1ab26e8f8445&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7...

95 B
180 B

50ms
44ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=d00fd008-0dcc-4ae8-8ed8-1ab26e8f8445&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 750aba6e5c8c72e4-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=d00fd008-0dcc-4ae8-8ed8-1ab26e8f8445&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 18ED 0
331 B 322ms
47ms Image
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 18ED 70 B
265 B 125ms
40ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 18ED 0
162 B 123ms
37ms Image
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1664181977.238908,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-lcy19265-LCY

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 18ED 0
411 B 622ms
105ms Image
text/html 2600:1f18:6593:f607:ba15:f8ca:726:bfa6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f607:ba15:f8ca:726:bfa6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:17 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 18ED 0
166 B 114ms
28ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 18ED
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=136...
https://mwzeom.zeotap.com/mw?cid=3c201b3d-ac6d-4f16-ab5e-4bc5de0158e3&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
152 B

43ms
43ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=3c201b3d-ac6d-4f16-ab5e-4bc5de0158e3&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 750aba6fce8b72e4-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=3c201b3d-ac6d-4f16-ab5e-4bc5de0158e3&zpartnerid=317&gdpr=1&gdpr_consent=
pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 18ED
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=76987020472294622120796426364947297597&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-...

95 B
152 B

47ms
46ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=76987020472294622120796426364947297597&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 750aba6e9ccd72e4-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v042-0f4e36f9e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UjsESo4UR3k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=76987020472294622120796426364947297597&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 18ED 0
324 B 235ms
42ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 18ED
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7147607165815355538&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-...

95 B
152 B

66ms
51ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7147607165815355538&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 750aba6e5c8f72e4-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7147607165815355538&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Date: Mon, 26 Sep 2022 08:46:17 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 18ED
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421

95 B
113 B

64ms
40ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421
date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 18ED
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=LvcJ/aAtAcDYzpY4cjh13O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45...

95 B
152 B

53ms
53ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=LvcJ/aAtAcDYzpY4cjh13O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 750aba6f3ddd72e4-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
last-modified: Mon, 26 Sep 2022 08:46:17 GMT
server: Weborama Collect Frontend
location: https://mwzeom.zeotap.com/mw?webouuid=LvcJ/aAtAcDYzpY4cjh13O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 18ED
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466...
https://mwzeom.zeotap.com/mw?cid=

95 B
152 B

43ms
43ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 750aba71589a72e4-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=
pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 18ED
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

95 B
152 B

45ms
44ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 750aba6f1dad72e4-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
expires: 0
cache-control: no-cache
x-server: 10.45.23.7
content-length: 0
x-consent: absent

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 18ED
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-INbxiHhE2opJdsTmRNjrddlGpPddBaAvkQ--~A&zpartnerid=570&env=mWeb

95 B
152 B

47ms
46ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-INbxiHhE2opJdsTmRNjrddlGpPddBaAvkQ--~A&zpartnerid=570&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 750aba6fae6772e4-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: http/1.1 spdc0104.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-INbxiHhE2opJdsTmRNjrddlGpPddBaAvkQ--~A&zpartnerid=570&env=mWeb
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 18ED
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=npaIhORq0nb3celyXn9Qfs5R5qFRS094%2BS41iYitP1U%3D

95 B
152 B

48ms
47ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=npaIhORq0nb3celyXn9Qfs5R5qFRS094%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 750aba6fce8c72e4-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
server: AAWebServer
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=npaIhORq0nb3celyXn9Qfs5R5qFRS094%2BS41iYitP1U%3D
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 18ED 43 B
356 B 139ms
41ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 18ED 0
338 B 131ms
38ms Image
text/plain 108.128.241.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.241.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1664181977
x-served-by: beacon-n016-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 18ED 95 B
361 B 152ms
49ms Image
image/png 157.90.211.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.211.90.157.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2 503 cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame 18ED 0
178 B 123ms
28ms Image
text/plain 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664181978.599391,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-lcy19254-LCY

GET
H2 204 v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame 18ED 0
210 B 188ms
73ms Image
text/plain 13.32.99.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-36.fra60.r.cloudfront.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
server: nginx/1.20.1
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: CVLSEIS95LIg3RvyDwnUDh7A-DbWZT4KB75PmUDKZad2e6Q2YNl_7w==
x-cache: Miss from cloudfront

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 18ED
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23...

0
337 B

39ms
39ms

Image
text/plain

108.128.241.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 108.128.241.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1664181977
x-served-by: beacon-n019-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
date: Mon, 26 Sep 2022 08:46:17 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a020-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 18ED
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-446...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-446...

43 B
568 B

47ms
47ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:17 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: JEZEZKYHXQR1BR4EH1X2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:17 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: YF410A1XPJGW22ABAEAZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 18ED 0
145 B 353ms
188ms Image
text/plain 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 18ED
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361

95 B
152 B

46ms
46ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 750aba71286672e4-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
date: Mon, 26 Sep 2022 08:46:17 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ Frame 18ED 0
214 B 175ms
43ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=41544&puid=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&pt=d[&gdpr=0&gdpr_consent=]
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 18ED
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24...
https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age...
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59...

95 B
152 B

112ms
111ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 750aba7198f472e4-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361
Date: Mon, 26 Sep 2022 08:46:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 96FE 31 KB
10 KB 52ms
51ms Script
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d71bfc0d1a5784aeda48917a7c7d2aa2c77d37ec0657b23a858a91d7280d881a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 08:46:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=72328
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9422
Expires: Tue, 27 Sep 2022 04:51:45 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8C2D 0
39 B 43ms
28ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31520647&p=161562&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:16 GMT
content-length: 0

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 1F74 2 KB
1 KB 183ms
84ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b93ac2ec0d5721cf83448905d4349bb73ebd7d847517a63bc3f7eaa5f77879dc

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 750aba6e5da306c9-LHR
content-encoding: br
content-type: text/html
date: Mon, 26 Sep 2022 08:46:17 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzz%2FOpx%2BZMt2hkPT1DrAdctAaDv9yysUJvQK%2BxnFWNSolYoDQlj6yxFYwNFBFdHzCrJ3OEPSQpm5tUZUjR2T8kckMO2sirqOWC1qV1rGEL2X7rLXjyNwWflMebEjvhlRslYDNgEV1ukIDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 96FE 284 B
536 B 191ms
44ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 149B 0
747 B 41ms
40ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:17 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 26873c4b-fd5b-44b1-a2aa-0ed71b1804e2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4025 0
747 B 88ms
47ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:17 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e0930d4a-9e6e-4e7d-ae0b-95c1a0a0f9eb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 115ms
36ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 26 Sep 2022 08:46:16 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 566426
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1F74 70 B
264 B 40ms
40ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1F74
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzFm1jkj0novzd9voFO7gwAAEXwAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzFm1jkj0novzd9voFO7gwAAEXwAAAAB&dcc=t

43 B
855 B

140ms
140ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzFm1jkj0novzd9voFO7gwAAEXwAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:17 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: J0DQF3B7VRB27NQ1C174
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:17 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: FHZ18ADAX5C1558GWFE1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzFm1jkj0novzd9voFO7gwAAEXwAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 1F74
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzFm1jkj0novzd9voFO7gwAAEXwAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECV4D84nR7vJgg6Cq7ONBxo&google_cver=1

43 B
876 B

125ms
79ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECV4D84nR7vJgg6Cq7ONBxo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 750aba6fbf3872d2-LHR
pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjAOB4LRgsQaaXh9vk6KNYLgc47%2FemcrF7XJUgGOar%2BAyJbylYOzFgrR9hjzKjWhCEOH0toyLJGrQajvKdLplwsFiXEnnpZQ9bErXMflke7t4dyvQu0VouXZPWVZT0cb1w4j6zoeoiChGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECV4D84nR7vJgg6Cq7ONBxo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1F74
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4468153714907649608

43 B
845 B

84ms
83ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4468153714907649608
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 750aba6fbbd24052-LHR
pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUmjpKpw0kMSC9%2FU0uq%2FTb0DCsXc%2BYM4vY9tN2bKSyL5my3AFuX6c%2Bjhg1aSVU99cUEgZDU2pfu0PnCQTzIHfc99IIyiDAsPmHZ1Y6rGjsSI0B3pLNXmVz0j5wotJziuZQH9ObXVIZBD5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:17 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e482a225-aa96-4670-98e9-0445660bfbc2
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4468153714907649608
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 1F74 43 B
433 B 173ms
39ms Image
image/gif 52.210.103.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.103.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-103-234.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:17 GMT
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum.casalemedia.com/ Frame 1F74
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4468153714907649608

43 B
873 B

231ms
93ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4468153714907649608
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 750aba701d5a7731-LHR
pragma: no-cache
date: Mon, 26 Sep 2022 08:46:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6a3F%2B4PivGF%2F67mbKua2sBz0zekdKevXtgFlMKUEn7bGxUFfDHpc70D5%2FkKhUD%2F8VlSsTFxr21xeGPejsfOqXSEkDSFANMCIvCMgpSPMz13xefasufPH3%2FLQbRtZlagPCuKrPxO"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:17 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6f53091e-e229-4502-ad58-4636ebd55ddf
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4468153714907649608
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 YzFm1jkj0novzd9voFO7gwAAEXwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1F74 43 B
604 B 380ms
49ms Image
image/gif 2a05:d018:d29:3605:81f0:8432:14d1:181d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YzFm1jkj0novzd9voFO7gwAAEXwAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:81f0:8432:14d1:181d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:46:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 43
x-content-type-options: nosniff

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1F74
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=55896331-66da-4100-b1e3-dba423ae30e4

43 B
847 B

74ms
73ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=55896331-66da-4100-b1e3-dba423ae30e4
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 750aba764d864052-LHR
pragma: no-cache
date: Mon, 26 Sep 2022 08:46:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjCFQNrfR5B9Wmdf%2BGYEsPxck%2FxziVD8F85kRtnW7R8cqYs0H%2Fca4YNWRAMBo8mUVxn01GAnxZHYPQ%2FMGzKy4s2Qu4SVw0xt86C4gOmzKVKvH0h%2F5MJuofaI%2Fj1E5qG1DD6mbVcw6YJZ9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Mon, 26 Sep 2022 08:46:18 GMT
Server: MT3 4505 5b23575 master nrt-pixel-x20 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=55896331-66da-4100-b1e3-dba423ae30e4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 26 Sep 2022 08:46:17 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 1F74 43 B
351 B 119ms
35ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YzFm1jkj0novzd9voFO7gwAA%264476
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 750aba6f78e276e4-LHR
date: Mon, 26 Sep 2022 08:46:17 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 112
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 26 Sep 2022 12:46:17 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 149B 0
747 B 56ms
56ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:18 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f6263820-0086-49d7-981b-aebf6ecd7a4f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4025 0
747 B 41ms
40ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 08:46:18 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0c354f11-8a58-4393-b28b-c0cb1ed37437
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: leokross.com
URL: https://leokross.com/vAW/aGeq.js

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vsim.ua/	1970-01-20 15:52:21	Name: subscriber_life Value: %7B%22order%22%3A%5B%22modal_mail%22%5D%2C%22modal_mail%22%3Afalse%7D
vsim.ua/	1970-01-20 06:16:22	Name: Value: undefined
.vsim.ua/	1970-01-20 06:16:25	Name: AMP_TOKEN Value: %24NOT_FOUND
.vsim.ua/	1970-01-20 06:17:48	Name: _gid Value: GA1.2.1471119187.1664181973
.vsim.ua/	1970-01-20 06:16:22	Name: _gat Value: 1
vsim.ua/	1970-01-20 15:52:21	Name: GN_USER_ID_KEY Value: 1a10ab74-671b-482b-a7ab-94352bd7e59f
vsim.ua/	1970-01-20 06:16:23	Name: GN_SESSION_ID_KEY Value: 1299eb37-0d19-4dd9-bde6-870afcc8767c
vsim.ua/	1970-01-20 06:59:33	Name: _pbjs_userid_consent_data Value: 3524755945110770
.vsim.ua/	1970-01-20 15:01:57	Name: _pubcid Value: 8eb5d26e-808c-4f3c-baa7-3d353d1445bd
.vsim.ua/	1970-01-20 08:25:57	Name: _fbp Value: fb.1.1664181972885.1369131307
vsim.ua/	1970-01-20 06:16:22	Name: browser_id Value: 0aaabe71-d7dd-4b43-8882-ada7382eb4a4
vsim.ua/	1970-01-20 06:16:22	Name: remp_session_id Value: c11dea88-1bc7-4cc9-80e4-8bc85f6b87e2
.vsim.ua/	1970-01-20 15:52:21	Name: _ga_0CS1NTGGLB Value: GS1.1.1664181973.1.0.1664181973.60.0.0
.vsim.ua/	1970-01-20 15:52:21	Name: _ga Value: GA1.1.2060000085.1664181973
.vsim.ua/	1970-01-20 06:16:23	Name: __cf_bm Value: 60r5Ghd6PEMG2hPuwAff1mLc35UtugjvzUIh9ybd0IM-1664181973-0-AfJDZUGzP6VqAFqNZhydtabUM1fPDcsk51IQU+Vv6aVvvNfJZvu0nlsZobIM581IDH8vtcwXB5FBjt8JKbHjFcHTHW/HsX47Nc4qCZ6gi0CopWbzL2zVg6RDrM0b+ZRgog==
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-20 15:52:21	Name: E Value: AJOIpG5ywOX5HiAg
.adnxs.com/	1970-01-20 08:25:57	Name: icu Value: ChgIq9pcEAoYASABKAEw1c3FmQY4AUABSAEQ1c3FmQYYAA..
.adnxs.com/	1970-01-20 08:25:57	Name: uuid2 Value: 4468153714907649608
.doubleclick.net/	1970-01-20 15:37:57	Name: IDE Value: AHWqTUlXmAvmMiLQQXBwPF968GbCEUcEOpZAAs8_uuSsMNFM3YRelS67QhvBnfYUG9A
.casalemedia.com/	1970-01-20 15:01:57	Name: CMID Value: YzFm1jkj0novzd9voFO7gwAA
.casalemedia.com/	1970-01-20 08:25:57	Name: CMPS Value: 4476
.casalemedia.com/	1970-01-20 08:25:57	Name: CMPRO Value: 4476
.adnxs.com/	1970-01-20 08:25:57	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTxK8$Wn!@wnfH8K6pQK`!5=E<L5>xh277YX35tJ?$f%:Xuh0:Rcicv'hBR#8lYKPVObpRzqF1`b]jI)lmx%
.vsim.ua/	1970-01-20 15:37:57	Name: __gads Value: ID=0dfeb89f60dac50a:T=1664181972:S=ALNI_MY_6dH3pEj2fkPr5gMgLNVf3kDhcg
.zeotap.com/	1970-01-20 15:01:57	Name: zc Value: a8bb7fa3-ef0f-490e-4466-6c9a0d19f421
.zeotap.com/	1970-01-20 06:17:48	Name: zsc Value: %2Bp8%18%B1%EEB%0A+.%BB-%2F%ED6%3B%85%CC%A9%E9%B9%B9%A4%24%04%2C%03%3A%C2%01O%0A%8B%AD%09%A2%E6%08%0BF2q%AE%5D%83%A2%2FC%DD%B4%00%FA%F6%AE%83%88%A6%05i%89E%B8%1E%CA%BEDOX%00%0B%3F%80%8B%C6%FF%EC%BCU%A2%9FKD%7B%F7%E5%CE6%D2%03%E7%DFS%B0%92%D5%AD%A2%0B%1E%F2%8Ca%E6%1A%1E%CD%AC%8B%A9%AF%CAg%BF%82pmZ%AD%B1%BE%AC9%94%B1%AFI%A2%BA%DA%2C%B6%7D%9Dy%B5W%9E%FD%0F%C1%0CWb%3Fg%CC~p-%86m%82%F6%2F0%A8L%A3%C2%9CJ%A7%15D%CE%83%D3
a4p.adpartner.pro/	1970-01-20 07:42:45	Name: apuid Value: da79217a-16c9-4642-92d7-8269046485e7
.ads.pubmatic.com/	1970-01-20 06:17:48	Name: KCCH Value: YES
.adfarm1.adition.com/	1970-01-20 08:25:57	Name: UserID1 Value: 7147607165815355538
.demdex.net/	1970-01-20 10:35:33	Name: demdex Value: 76987020472294622120796426364947297597
.tapad.com/	1970-01-20 07:42:45	Name: TapAd_3WAY_SYNCS Value:
.tapad.com/	1970-01-20 07:42:45	Name: TapAd_TS Value: 1664181977226
.tapad.com/	1970-01-20 07:42:45	Name: TapAd_DID Value: d00fd008-0dcc-4ae8-8ed8-1ab26e8f8445
.dpm.demdex.net/	1970-01-20 10:35:33	Name: dpm Value: 76987020472294622120796426364947297597
.weborama.fr/	1970-01-20 15:42:17	Name: AFFICHE_W Value: NWilUURh-sM156
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.tidaltv.com/	1970-01-20 15:01:57	Name: tidal_ttid Value: 3c201b3d-ac6d-4f16-ab5e-4bc5de0158e3
.krxd.net/	1970-01-20 10:35:33	Name: _kuid_ Value: PGgxFWdU
.tidaltv.com/	1970-01-20 15:01:57	Name: sync-his Value: "H4sIAAAAAAAAADM0NjI1sjK0MAIAOyfcAQkAAAA="
.agkn.com/	1970-01-20 15:01:57	Name: ab Value: 0001%3APY2O8R461c9rvIY3XATR91XLaTqWvJvs
.vsim.ua/	1970-01-20 15:37:57	Name: cto_bundle Value: zzDKNV9ySjdGSEFkZG9lJTJGd0tnYTglMkJwa2hDSVJqamF6aFVIV253YXpsd1dQSXEyJTJGN2QyTlFXQUt2endzelN1RzV2Q1J4aTVwY0hUZ0xFUXhXQmlhMXUxSzgzdlhqNzI2UG5WMVczb3U3UTFtRmhoNCUzRA
.vsim.ua/	1970-01-20 15:37:57	Name: cto_bidid Value: R3fuVV9tdkJaNVBIR3ZUekJBSE5Ea3RUWjdYMTNFbFJDdWJ6aGF3cnIwczRaZHpHMUpvJTJCU21KN2RSWTc2VmlWNkxTT2E5SGN5RXRwZyUyRnJXbEZiJTJCZDBkVyUyRlN3JTNEJTNE
.richaudience.com/	1970-01-20 08:25:57	Name: avcid-zeo-uid Value: a8bb7fa3-ef0f-490e-4466-6c9a0d19f421
.casalemedia.com/	1970-01-20 08:25:57	Name: CMTS Value: 4382
.fwmrm.net/	1970-01-20 10:35:33	Name: _uid Value: "e9ada_7147607165808333709"
.smartadserver.com/	1970-01-20 15:01:57	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 15:01:57	Name: pbw Value: %24b%3d16990%3b%24o%3d11100
.yahoo.com/	1970-01-20 15:02:19	Name: A3 Value: d=AQABBNlmMWMCEOHVWWkKgFVojXc9RGCLO20FEgEBAQG4MmM7YwAAAAAA_eMAAA&S=AQAAAqevQQZ8dUK207pgTz8ILEg
.bidswitch.net/	1970-01-20 15:01:57	Name: tuuid Value: 50034344-74f7-4edb-ba54-a8fd2a9aeaec
.bidswitch.net/	1970-01-20 15:01:57	Name: c Value: 1664181977
.bidswitch.net/	1970-01-20 15:01:57	Name: tuuid_lu Value: 1664181977
.adtelligent.com/	1970-01-20 07:45:38	Name: vmuid Value: 18f66a876770a9f6
.adtelligent.com/	1970-01-20 07:45:38	Name: a307558 Value: da79217a-16c9-4642-92d7-8269046485e7
.amazon-adsystem.com/	1970-01-20 10:45:38	Name: ad-id Value: A-2CBEOoKUFfn9kJcM63ZWI
.amazon-adsystem.com/	1970-01-20 15:52:21	Name: ad-privacy Value: 0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://leokross.com/vAW/aGeq.js Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da8bb7fa3-ef0f-490e-4466-6c9a0d19f421%26reqId%3Dbec59917-58df-45c7-7f5f-17eeda23c929%26zdid%3D1361 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a8bb7fa3-ef0f-490e-4466-6c9a0d19f421&reqId=bec59917-58df-45c7-7f5f-17eeda23c929&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21ed2c36941c96379fe78a59b1c637f7.safeframe.googlesyndication.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
ampcid.google.com
api.gravitec.media
bcp.crwdcntrl.net
beacon.krxd.net
cdn.gravitec.media
cdn.gravitec.net
cdn.indexww.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
data00.adlooxtracking.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
engine.widespace.com
eus.rubiconproject.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id5-sync.com
idsync.frontend.weborama.fr
image6.pubmatic.com
j.adlooxtracking.com
js-sec.indexww.com
leokross.com
loadeu.exelator.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
region1.analytics.google.com
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssum-sec.casalemedia.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.tidaltv.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
tracker_beam.20minut.ua
trc.taboola.com
unpkg.com
usermatch.krxd.net
vsim.ua
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
leokross.com
103.229.205.242
104.18.18.126
104.18.19.126
108.128.241.23
13.32.99.36
142.250.185.66
142.251.39.2
15.197.193.217
151.101.130.49
157.90.211.246
162.19.138.116
178.250.0.157
18.198.69.109
184.51.9.34
185.172.90.251
185.184.8.90
185.64.189.112
185.64.190.78
185.86.137.132
2001:4860:4802:34::36
212.82.100.182
23.227.139.243
23.35.236.188
23.35.236.247
2600:1f18:6593:f607:ba15:f8ca:726:bfa6
2606:4700:10::6816:1857
2606:4700:3035::6815:3aed
2606:4700::6810:7aaf
2606:4700::6812:d4c
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2006
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200d
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9d
2a00:1450:400d:804::200e
2a00:1450:400d:807::2001
2a00:1450:400d:807::200e
2a00:1450:400d:80e::2003
2a02:2638:1::13
2a02:6ea0:cb00::2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:200::300
2a05:d018:24:b001:bd35:2c7d:1af2:e9a4
2a05:d018:d29:3605:81f0:8432:14d1:181d
2a0c:5c81:5142::2
3.218.193.24
3.248.73.132
3.75.14.26
31.41.216.82
34.111.131.239
34.98.67.61
35.156.45.124
35.214.184.209
35.227.248.159
35.241.31.249
37.157.2.237
37.187.28.21
37.252.172.37
37.252.173.62
45.133.44.3
45.133.44.4
51.83.220.94
52.210.103.234
52.211.23.209
52.46.143.56
52.94.223.37
54.216.193.48
69.173.144.138
69.173.144.139
69.192.160.219
85.114.159.118
92.123.9.160
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
02cff5503cc397bd97b4f66065c8096550302a012d15c03cf936cc1566862439
03ae4ba0f72a9f798f2256a8e2d955c0583977a43d1d9464fe6cd291e7f99ff8
0469bf673e1858b7d9fc2a04871039b10282e78f7c8d7ff9ed1eac1adad8bb0f
06097577a71685bf2930b06cbb769871ccb6438278e3c0eff8e4c0e22fb1062d
092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9
09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0
0a1e69cda9af4f31a3cbb4f3c2ff7aae63a034d603d9438a72da94369ee88387
0a4c2ecf677f70d4d9d1b3ef31558bb18a0bee17b8f1f38ce5ca65f8871118ba
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
136afd926d4d4d63e28f6f7ecc2c549c82fb8780b549c7a626933b828b0500b4
17970d9d7ed93edbcac84ccd2fdf0286835d807ed80d9bb008d8b97f220a057c
1889b9a5de9b6074f3c8cc1d03535d58184684827690e9068cc0a3d2912c988d
1930f794c063f63741a3274a728beea99a3357442303b7ad32956517db069b0a
1aa1d56013515bec6d79a423d9f069bd00d7f09afc3f5a3d59bafe4ca4efd97b
1baf631b124fd6ae548269f7b575c7727612c4cfb05749d7d6084030c7797c7f
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935
20c04d1b4e2010e1f7d61514bdf073b1ee8af3fb5a7a7c23878c9214fca60dec
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2739ea9936b93466f33d693b8fa5333a5331133c49e89588877673530c6fd194
2b97e46a5cd5da941d8fd49a3da94a844b704cdb6186bc9dfa34cb2e1900cbb6
2ce4e0c265d6ac7399ba01bdfe5e98c9ba31041332d85ead7b7e66d75d000872
2dba54900b10d798dbd18a0d067b8256a3d3fa3597515cfb295cea1bda8c480f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a
30015300955352764840758227634ade8cc98299ccadc46cf9f3f6681385a756
301a111de077f70d1112da8ce1978b6eb041fcb48be728e9cc81eb88b0f98d2f
330da08cf9e849d55c2c932b2cb0f8a6c747201a274de17c6f44d05ffe57854d
34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa
34bce76ddb6f1d83453233eb68dc19f5f8d1734b6263bddfd77a5f0edd7f4f3d
38bc6dd0b99d8f3192c498597062251b8ba7d580d600bb05833112438664a26c
3a565b09d0fea73ccfd0965ed48acbef916f93bbd956017e77f8a726d94714cf
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dde86d1452bef784b2e572cf459ce798f82f7d216593b769190ada4cae240eb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4165da6128f7befdc7819c3b87e78cf2771d667b02f7b7253d8d0c505d281bd6
4794ee8f55c96958afc723aeb58936bf215622bd8f2c61ea8a3f842737ae2224
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7dae5b6b79db79b1f08c73aa1da73491c195fdfeda4287121443d712c58f5d
4d69bfe8ee79f9288bafffdd55e8d5260907e85cdbff714928b4e1d8daa6a2ce
4e32d818e03be4c30e359da86b8aa7928b8bf771baaf1c8a9054fdf0c9c6c8ca
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52e3d24e435b9c2d364d5bb5286a92e54b7d0dc7a2fdca925b3ad4914f57cdc7
54631d1c399806ed4a4cd10984a97e61bbfd4319a3e47be75c98a774d89287d7
558fdd17bba736d3c861e548e2870278e9f68dea1141be1377c93e0f8ce378cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6
5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62318dcffb7b5bc76e275762444a4c95bbee865609bf14985f7e97d72081b67c
623271e8c873fe29ec241ba7a856787aa39b9c91c7f166ebb2aa98e8a13c1446
66fbe356f6e297ef03954cdb269883d5352c2463a0d3367ade4b077088658ab5
67c1de63d6aedcabf0a5570ba0a5c8f7131baead984f107698be6eff55dd76eb
69115d69ba345261d265bc9158cb3398a97de94253605eb2664552739ab431a8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73093a0fb8b39b673102c665f068c53c7e4b1ff31fbf65277774899fe2a28d21
760655965d7557c01773305fc9efc016407d132cea5a7a86a9273aca6f95f5b6
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
838f126475297f4de7e0110a2a6b65eef87024271d0110fec1efd0f8ad69dac0
88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8a02b1b1759a6eb16615705ca8f1e754ec98f4e73c3d2d9b5e7d9027522d21
91c0f63f6c20ed56ede3c4a566d83f3d9f5820a3beb09fc93a027a2110c015c7
91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695
92b74083244984ba6ec4f078d00cf08281897e965f2a5d0541b3dfaf0fa4cf91
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971
97e683c34fc6c1fe855b126d7fd9e0c5ab63b94f3065b6f231f282ef76e5260d
9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6
9b3d15910ea85878148af2fc4043f938a1237e7ea33a5daa6e78e877b0f2f0fd
9c33a141076bdadde8c0dedc63455c0824ed9b8de2356f33edc7f15d97783a63
9cec0057bc3bb49f520b6efc89128e39122f9b01b4d74056ab9c95c69860d3d4
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30
b93ac2ec0d5721cf83448905d4349bb73ebd7d847517a63bc3f7eaa5f77879dc
bae34fc57b2c61b2d1028f651253f801ff34c44d116f6f9217a8dbfd2debed4d
baf6990d122f4438735a3b53c7a639fd3b4fbac42d4a5077e41beb6f27f4f47c
bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824
bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c
bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1
bf3151eb02230f6f505658b2df91cb14159810f9e4a083ce21920b76297a7989
c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c6edfb7c948f22551441519f9f274eebea903edeca3b4ac53356eefb34df2fcf
ca2da4362115518ffdfe27c6fa107bc239a879f36ff3e6bd5db0db5c4917c079
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc91883fbd78126c9311d9164dc231af4572ed76d0180c0c88df87b35e91fef7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf2e3d328bbdd313442dbefd32d519b6f086117c8d04d01c6fb58f9743e96112
d061022e4ea64c3f0dd5b563f06df4bc006c5d6eda4fabae0e4463c7dd02afc4
d36253140224d3e65922719329cba306a98af2154419ee3b571399b1ddc0bdf9
d421eeebe9dfe3405a9f328405eac572d589ee2e1d91af83fcd33dca7a82d1ed
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d66f8e9de8dbbc16a0d4cf3bb4c4508f3c5f22b0d08ed22fafeef5b73ffab905
d71bfc0d1a5784aeda48917a7c7d2aa2c77d37ec0657b23a858a91d7280d881a
d834fae70856749ef4f67d4b497acbdf1dc974b7af71addf5e521f2e40d52e2d
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
dbd991c12551f95524a9ca44db10706d942e698b9ef56d6111fe568c5cf193ef
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8
e39e41d9862cec7b5777e7a1ea5310856b3451f5569155f25c6ebeea372b4353
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ed244f14205a6a842b6079ca5fdd2ee68c836ea76d92ef9bde52ffcfdc305f
e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1
e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7
e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8
e9c424eb31fac71d827f3497f4b2a92d9e7e4985db6ce7b379e74aa75fff7f50
eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a
eecc10953cd38efa6730ae5e8376d4ff6f8516f5a63325b3d92f1768d10372d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e44f11dedbd1b30eeeb1780763ab0c4a53016cc28771cbc7d122463c1fe099
f2e614bb3ceb485b86114b48c2202f19f445d42cda858ba3b958d6de0d75b462
f6c6239a9e9e560564a5667bc79b289cb226858cb5cb3ed2ba05da812ba9df7f
fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0

vsim.ua Open in urlscan Pro 2606:4700:3035::6815:3aed Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

229 Requests

88 %HTTPS

38 %IPv6

56 Domains

87 Subdomains

68 IPs

11 Countries

3246 kBTransfer

8277 kBSize

56 Cookies

14 Outgoing links

Page URL History

Redirected requests

229 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vsim.ua Open in urlscan Pro
2606:4700:3035::6815:3aed Public Scan

Screenshot
Live screenshot

Full Image

229
Requests

88 %
HTTPS

38 %
IPv6

56
Domains

87
Subdomains

68
IPs

11
Countries

3246 kB
Transfer

8277 kB
Size

56
Cookies

229 HTTP transactions
5 data transactions