vsim.ua Open in urlscan Pro
31.41.220.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vsim.ua/
Effective URL:
https://vsim.ua/
Submission: On June 06 via api (June 6th 2022, 7:36:10 am UTC) from GB — Scanned from GB

Summary HTTP 203 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 44 IPs in 8 countries across 29 domains to perform 203 HTTP transactions. The main IP is 31.41.220.94, located in Ukraine and belongs to BESTHOSTING-AS, UA. The main domain is vsim.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 4th 2021. Valid for: a year.

This is the only time vsim.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 48	31.41.220.94 31.41.220.94	42655 (BESTHOSTI...) (BESTHOSTING-AS)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
8	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
3	2a00:1450:400... 2a00:1450:4001:812::200d	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 3	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	79.171.117.17 79.171.117.17	64494 (VARITI-AS) (VARITI-AS)
4	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
11	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::16	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.174.47.89 52.174.47.89	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	31.41.216.82 31.41.216.82	42655 (BESTHOSTI...) (BESTHOSTING-AS)
2	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	23.32.59.34 23.32.59.34	16625 (AKAMAI-AS) (AKAMAI-AS)
2	204.237.133.116 204.237.133.116	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 4	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3 4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3 5	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.41.103.203 52.41.103.203	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:c400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2600:1f13:800... 2600:1f13:800:7780:3e5f:aebf:616:7e23	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.69 141.95.98.69	16276 (OVH) (OVH)
203	44

48 31.41.220.94 (Ukraine) 1 redirects

ASN42655 (BESTHOSTING-AS, UA)
PTR: dedic.dc.besthosting.ua

vsim.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)

leokross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::16 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.174.47.89 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.41.216.82 (Ukraine)

ASN42655 (BESTHOSTING-AS, UA)
PTR: dedic.dc.besthosting.ua

tracker_beam.20minut.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.237.133.116 (West Chester, United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.240 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.103.203 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-103-203.us-west-2.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:c400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:1f13:800:7780:3e5f:aebf:616:7e23 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.69 (France)

ASN16276 (OVH, FR)
PTR: ns3216534.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	vsim.ua 1 redirects vsim.ua	1 MB
32	googlesyndication.com 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	680 KB
21	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271	223 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 242	337 KB
16	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 738 static.adsafeprotected.com — Cisco Umbrella Rank: 548 dt.adsafeprotected.com — Cisco Umbrella Rank: 482	96 KB
11	google.com accounts.google.com — Cisco Umbrella Rank: 78 ampcid.google.com — Cisco Umbrella Rank: 1698 adservice.google.com — Cisco Umbrella Rank: 70 analytics.google.com — Cisco Umbrella Rank: 616 www.google.com — Cisco Umbrella Rank: 2	79 KB
10	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5092 ghb.adtelligent.com — Cisco Umbrella Rank: 5958 sync.adtelligent.com — Cisco Umbrella Rank: 3468	154 KB
8	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 26117 id.gravitec.net — Cisco Umbrella Rank: 112307	58 KB
6	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 439 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518	5 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	13 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 358 mug.criteo.com — Cisco Umbrella Rank: 2958	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	170 KB
4	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	5 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	199 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5121 www.google.co.uk — Cisco Umbrella Rank: 3281	1 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 847	38 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 611	140 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 3641	1 KB
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 416	164 B
2	20minut.ua tracker_beam.20minut.ua	135 B
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 47199 api.gravitec.media — Cisco Umbrella Rank: 37882	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	114 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 600	614 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 7198	259 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5952	169 B
1	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 16676	373 B
1	leokross.com leokross.com — Cisco Umbrella Rank: 525453
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1297	37 KB
203	29

	Domain	Requested by
48	vsim.ua	1 redirects vsim.ua
18	s0.2mdn.net	vsim.ua s0.2mdn.net
17	tpc.googlesyndication.com	20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net s0.2mdn.net
13	pagead2.googlesyndication.com	20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com securepubads.g.doubleclick.net
12	dt.adsafeprotected.com	20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com vsim.ua
11	securepubads.g.doubleclick.net	vsim.ua securepubads.g.doubleclick.net www.googletagservices.com
7	cdn.gravitec.net	vsim.ua cdn.gravitec.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com
5	www.facebook.com	vsim.ua connect.facebook.net
4	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4	ib.adnxs.com	1 redirects player.adtelligent.com googleads.g.doubleclick.net
4	player.adtelligent.com	vsim.ua player.adtelligent.com
4	connect.facebook.net	vsim.ua connect.facebook.net
3	unpkg.com	2 redirects vsim.ua
3	accounts.google.com	vsim.ua accounts.google.com
2	static.xx.fbcdn.net	www.facebook.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	static.adsafeprotected.com	20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	vsim.ua
2	fw.adsafeprotected.com	1 redirects vsim.ua
2	googleads.g.doubleclick.net	20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com vsim.ua
2	pbjs.e-planning.net	1 redirects vsim.ua
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	tracker_beam.20minut.ua	vsim.ua
2	www.googletagmanager.com	vsim.ua www.googletagmanager.com
2	www.google-analytics.com	vsim.ua www.google-analytics.com
1	id5-sync.com	player.adtelligent.com
1	sync.adtelligent.com	vsim.ua
1	a4p.adpartner.pro	1 redirects
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	adtelligent-d.openx.net	player.adtelligent.com
1	htlb.casalemedia.com	player.adtelligent.com
1	www.google.co.uk	vsim.ua
1	analytics.google.com	www.googletagmanager.com
1	api.gravitec.media	cdn.gravitec.media
1	ampcid.google.com	www.google-analytics.com
1	cdn.gravitec.media	cdn.gravitec.net
1	id.gravitec.net	cdn.gravitec.net
1	leokross.com	vsim.ua
1	www.googleoptimize.com	vsim.ua
203	48

This site contains links to these domains. Also see Links.

Domain
vn.20minut.ua
zt.20minut.ua
te.20minut.ua
kazatin.com
invite.viber.com
t.me
www.facebook.com
news.google.com
www.instagram.com
www.besthosting.ua
ua.depositphotos.com
www.eeas.europa.eu
www.irf.ua

Subject Issuer	Validity	Valid
vsim.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-04` - `2022-10-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-06-13`	3 months	crt.sh
leokross.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
player.adtelligent.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
cdn.gravitec.media R3	`2022-05-23` - `2022-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
api.gravitec.media R3	`2022-04-16` - `2022-07-15`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.20minut.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-10-18`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://vsim.ua/
Frame ID: 80969F6ED0DF067BC597B39B72E0B422
Requests: 108 HTTP requests in this frame

Frame: https://vsim.ua/site_login/iframe
Frame ID: CA2C6B8B3F0D79138494289199824DB1
Requests: 3 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 283C10AFF0B51FF8AB965665785EF30D
Requests: 1 HTTP requests in this frame

Frame: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EA8035C20F98A48CB3519B57C11EC0F4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5B73F305ADFC945F154DBE458A57EAC8
Requests: 1 HTTP requests in this frame

Frame: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 44DAC36DD058CCC304B70B33048B53AE
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRChqUEY0PWQywEwAQ&v=APEucNX7alpuRAWWJ1zSHPt3E90K_dWBLq2MyGakScotmiF6C0D076cspPuSXVZowWSQpY1uEPb2VePBefZj8YKVAzoF-7EngCrHrvu3l7cG-qZYeteDHN8NRZ1cjKYtA22vT9JcGue_ghEzRFoZfjyLaHaoGzL5bV248xTyzShMe3bi3_eJ2xI
Frame ID: C137B828CBC04996FAE40467AD31ED36
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
Frame ID: EBADC42375EF167DE4B03DBB9AC6B6B5
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1C4B4669BBA89EC7F62B4692FBC886F5
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMfBP3JuORCE5Evqs-pFhTA-8VfmsYyhOTOHfqfSvRoX51qI30AEFLHVeTUDAxdyaM7rJmE5IsIWckUqOlR93s16A5rNajhcR-6ry4NEobkIkp8FLJgPm7T-bE-xzNf_LB67Thsll6GmjSItd1u98En95Kub1bNoPNzde7Dp_AeANCQ6Qo6nSeMjcZLwRwKlITIBN-pNUoSzFqHT7R1mLZt6Me_vc6-wHkLIQE8WizOXVR-fdZ6SZCGiFeLKp0Oz4nAGm2k_88aGJ5ZmCuNzNr7_IIP9vsYZmqbPOPP9qIaO_tuh2XbSGV2w&sig=Cg0ArKJSzHB-O-kIjEXTEAE&uach_m=[UACH]&adurl=
Frame ID: 8CABA16C9456AD463C5BC94D8CC95D33
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxklCizQ2ajEl9_N2sEwdywESFnGMQOMJXD2rBmkSV5SJcmiFPRVCEhJNV8Iqe8rYyVO-F6WmtFdEry3Uj41Fqb-RHEwVGgt6Bo9NPnmA0u3rFe0I5Sfxbc-HzG-lWtrdupIJ-S49ab_p0NbSwVMmL0IX3TPSywHVbMiiDMb4Qj_0iTimUF0nzCzts7H2U3MtgRmyy5OF0qj4y6IJrJ0_oQ4rlMj44fsOH-2ldRVMgk3pxaO2X1Tf6-ewkovjK3bVuHrKBpOOq9CHuvfxF7hYypjU9k8q-UF5bZFy0Qp3fEEykkDmku-4wcysfzwAxaClcr4fqfI3O&sig=Cg0ArKJSzNSEGIzGvoy3EAE&uach_m=[UACH]&adurl=
Frame ID: 94FB67C51D8859529918B2609778608A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdhbQv26XGEUsd86sDtsa85WXv70QR88LoluS5nioNIKdBDHrFDRfmOAOMdLydPV2hMja5JIxeQUb2ibsVfCKU8z53vrLGBN-fdsk0loN-CQGDwfyrk3u4mvZlTAX6nfPIa8a6f_DTIwJwB-mVCGUvK70iB9pL3yOvgLwnvZuCnQjnycUd58xac3Qf-JW9fWD-dJzyFhlOpURmwhfeCUh9CKT4piBwbdlNspcIjUyGzHdci-AEjOMI-kzL0ysUASJdt_IPdPEPd3hnMbqnjgIXiMlcctdYtBmLiI4-3hu5YgmG6ZHvHdwgxikU0eUrXHJbxAfTozQQkA&sig=Cg0ArKJSzDGuLaF5Wg9pEAE&uach_m=[UACH]&adurl=
Frame ID: 00B8B058CEAEE4011F9B5B206FA1EC67
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Frame ID: C7FBDE3023A3024567514E5820C77F4C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E810F7986FE06D48B703506EE1ABC797
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e2b5a6b4a8908%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff256a3e11ce712%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250
Frame ID: 558BC2601A4883E91B11D1B77A3CF307
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7E7E35814CED29315A7190C9C0E338AA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C0313BA7F2F407EF0E7941C129F3D7F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Всім - Новини Хмельницького

Page URL History Show full URLs

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

203
Requests

95 %
HTTPS

52 %
IPv6

29
Domains

48
Subdomains

44
IPs

8
Countries

3530 kB
Transfer

9047 kB
Size

32
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://vn.20minut.ua/
Title: Вінниця

Search URL Search Domain Scan URL

URL: https://zt.20minut.ua/
Title: Житомир

Search URL Search Domain Scan URL

URL: https://te.20minut.ua/
Title: Тернопіль

Search URL Search Domain Scan URL

URL: https://kazatin.com/
Title: Козятин

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQAlCG5A7vvn5UlcXTVOPYYe8%2BNbbSdYNqt%2FAkWqrcA8b94WcKGEqaRwpKqWVh9M

Search URL Search Domain Scan URL

URL: https://t.me/vsimnews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vsim.ua/

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMOzqjwswxLKjAw?hl=uk&gl=UA&ceid=UA%3Auk

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vsim_ka/

Search URL Search Domain Scan URL

URL: http://www.besthosting.ua/

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/

Search URL Search Domain Scan URL

URL: https://www.eeas.europa.eu/delegations/ukraine_en

Search URL Search Domain Scan URL

URL: https://www.irf.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://unpkg.com/imask HTTP 302
https://unpkg.com/imask@6.4.2 HTTP 302
https://unpkg.com/imask@6.4.2/dist/imask.js

Request Chain 76

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.4954487627707205&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=405cba69-954a-45f5-a625-9de6ab3dd9e4 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4954487627707205&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=405cba69-954a-45f5-a625-9de6ab3dd9e4

Request Chain 83

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bad43652-5d83-43d9-a27d-7be8339908b6

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9647jDyjbffVjiReq-JpQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9647jDyjbffVjiReq-JpQ&google_cver=1&C=1

Request Chain 96

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yp2uYmmChQbfFp5hLGBWnwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOurwY4bBeglBLQr8qr0Y1I&google_cver=1

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHDFeaMFa37LaJGuUGbrvPg&google_cver=1

Request Chain 98

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNzUwNzI3ODAwNDA4OTUwNg%3D%3D

Request Chain 145

https://fw.adsafeprotected.com/rfw/st/1056993/63470348/4.js?adContainerId=brand_safety_Yq6dYqXJC6_P7_UPy8qC2A8&cbFunctionName=goog_wrapCb_Yq6dYqXJC6_P7_UPy8qC2A8&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5b21d688-a337-f073-7bf4-f0b0af3c085a,c:eK0NZf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7dc5495d5b-sfdqn,rg:or,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:17,oid:512dcca9-e56b-11ec-b7f7-2a1e26d6038b,v:19.8.316,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_Yq6dYqXJC6_P7_UPy8qC2A8&cbFunctionName=goog_wrapCb_Yq6dYqXJC6_P7_UPy8qC2A8&true_pb=

Request Chain 183

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=0dODeHwrQ0Y5bnB3WmxCQSt1Y1VKUFVHYUQ5THA1S1pKZHNQK2UwT0NqRitHOHNzUm0vSVBvSXpwcXVVNldOcG9aaVdGV0xlcVM1c3RTTW01VWl0K3NMbElmOGtmMlFOM2tuMk5uK3M4dTZYMlpNWXNIVllMS0NCdTBEMzE1dkNFTHIycC92UTc4MCtYVzBLMVBCRHp0a2tSTjRWRHRZKzdjeGZOVkNOYzlvU0I5aTlSVVJMNTJ3REtoWU5yZzFqRkhiZmttN0NsaFVOTTYyZDYraTYvNEVqbTZqNnlvTUJIQkwwN2VVZm52dzlFOWR3PXw&cppv=2

203 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vsim.ua/
Redirect Chain

http://vsim.ua/
https://vsim.ua/

295 KB
42 KB

3001ms
2832ms

Document
text/html

31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: c24294d1f89fff020d723364a2579d634970402884aba7d50a3018fc4e7f1884

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, s-maxage=30
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 Jun 2022 07:36:00 GMT
server: nginx
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 06 Jun 2022 07:35:57 GMT
Location: https://vsim.ua/
Server: nginx

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 95 KB
37 KB 150ms
48ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NWSHLFG

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3b4f208ea2995166300a3d63d11e9bf98f6d076244986480ea3994861b1fb4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37523
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Jun 2022 07:36:00 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/ 64 KB
18 KB 152ms
67ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 09:11:37 GMT
server: nginx
etag: W/"624c07c9-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 05 Apr 2022 09:12:11 GMT
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 ed8d0db.js Show response
vsim.ua/js/ 95 KB
33 KB 90ms
90ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/ed8d0db.js?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 11:48:54 GMT
server: nginx
etag: W/"629600a6-17b3b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3831ad9.css
vsim.ua/css/ 631 KB
96 KB 151ms
151ms Stylesheet
text/css 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/3831ad9.css?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 87e36f6113145798fd0bef9811d421b555449f0f3a6499d70fec815c081afaa2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 11:48:53 GMT
server: nginx
etag: W/"629600a5-9dc01"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 191 KB
77 KB 226ms
131ms Script
application/javascript 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29755c6f88c6d190e9753c95a9cfc6bf79c9485e701a74326dc2b2c3ccb8c8b7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rxk33ROera3noxjyuO0OFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-rxk33ROera3noxjyuO0OFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 06 Jun 2022 07:36:00 GMT

GET
H2 200 Logo_new_vsim_v8.png
vsim.ua/img/ 5 KB
5 KB 167ms
161ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/Logo_new_vsim_v8.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-126c"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4716
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 news_today.svg
vsim.ua/html/20min-page/web/img/icon-title/ 1 KB
1 KB 167ms
162ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/news_today.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-467"
content-length: 1127
content-type: image/svg+xml

GET
H2 200 a9809c8769eb1f0b05d56a16f58ad1c75f7c9224.jpeg
vsim.ua/img/cache/reference/panel_link/0023/03/ 77 KB
78 KB 168ms
162ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0023/03/a9809c8769eb1f0b05d56a16f58ad1c75f7c9224.jpeg?hash=2021-04-22-14-46-46
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 8d055f06176b7d175b33b0c86d749cb1c28072cb4f9aecd978c0581e3efd54c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Mon, 26 Apr 2021 13:52:21 GMT
server: nginx
accept-ranges: bytes
etag: "6086c595-1357f"
content-length: 79231
content-type: image/jpeg

GET
H2 200 8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg
vsim.ua/img/cache/reference/panel_link/0026/31/ 4 KB
4 KB 175ms
170ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0026/31/8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg?hash=2022-02-25-14-28-31
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Fri, 25 Feb 2022 12:28:56 GMT
server: nginx
accept-ranges: bytes
etag: "6218cb88-e27"
content-length: 3623
content-type: image/jpeg

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 175ms
170ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Often_comment.svg
vsim.ua/html/20min-page/web/img/icon-title/ 929 B
1 KB 175ms
171ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/Often_comment.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-3a1"
content-length: 929
content-type: image/svg+xml

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 176ms
171ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Newslater.svg
vsim.ua/bundles/twentyminutuamain/img/icon-title/ 766 B
945 B 176ms
172ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/icon-title/Newslater.svg?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-2fe"
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 766
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 04757c045656223f79bdfdb8cb09896f9b1eaf03.png
vsim.ua/img/cache/reference/rubric_partner/0021/76/ 8 KB
8 KB 176ms
172ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/rubric_partner/0021/76/04757c045656223f79bdfdb8cb09896f9b1eaf03.png?hash=2021-01-22-11-59-23
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Mon, 14 Feb 2022 16:26:41 GMT
server: nginx
accept-ranges: bytes
etag: "620a82c1-200e"
content-length: 8206
content-type: image/png

GET
H2 200 EU_hor.png
vsim.ua/html/20min-page/web/img/ 77 KB
77 KB 179ms
175ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/EU_hor.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: nginx
etag: "6268eb99-1329e"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 78494
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
vsim.ua/html/20min-page/web/img/ 13 KB
14 KB 188ms
185ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: nginx
etag: "6268eb99-35a6"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13734
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 124ms
40ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e0c065341de647899dd6e8aebd1add0d78749202274e299f96bb4e70296dbaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xIKx8WsUm27zO1c+ez1xnw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 06 Jun 2022 07:42:22 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: E68iHkoWeyiz85Lon2Ya1yecizkf37MnQPX3QnBb7eAoAe3R9L8xxYdzDKlw4Byfx7aGSyMRwr1yrzvN3f35fg==
x-fb-trip-id: 917726464
x-fb-content-md5: 2d5e75c281efd461fdb037a809104447
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 06 Jun 2022 07:36:00 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f6feb364cd6cb5a2b0fc99e8ee29a841"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2

200

imask.js Show response
unpkg.com/imask@6.4.2/dist/
Redirect Chain

https://unpkg.com/imask
https://unpkg.com/imask@6.4.2
https://unpkg.com/imask@6.4.2/dist/imask.js

166 KB
38 KB

71ms
71ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/imask@6.4.2/dist/imask.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8fad7ea6d56c85bc473f0091aa9870e4a7db6609c037eac826ed00c68ea3fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10098266
fly-request-id: 01FVF0MEM9R82PJZRWV45JJY9Y
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"297db-B/zbN+2crPCo1IRXSpVqEqQx/1k"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 716f797e6836cc42-ZRH

Redirect headers

date: Mon, 06 Jun 2022 07:36:00 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FVF0KPWPNHFDD5B1KYNJ3R38
server: cloudflare
age: 10098265
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /imask@6.4.2/dist/imask.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 716f797defc3cc42-ZRH
access-control-allow-origin: *

GET
H2 200 Push_notifacation.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
2 KB 189ms
185ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Push_notifacation.svg?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-75a"
content-length: 1882
content-type: image/svg+xml

GET
H2 200 Instagram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
2 KB 189ms
186ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Instagram.svg?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-884"
content-length: 2180
content-type: image/svg+xml

GET
H2 200 Email.svg
vsim.ua/html/20min-page/web/img/sub_image/ 3 KB
3 KB 189ms
186ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Email.svg?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-aa0"
content-length: 2720
content-type: image/svg+xml

GET
H2 200 Telegram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
2 KB 190ms
187ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Telegram.svg?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-7c3"
content-length: 1987
content-type: image/svg+xml

GET
H2 200 Viber.svg
vsim.ua/html/20min-page/web/img/sub_image/ 4 KB
4 KB 190ms
187ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Viber.svg?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-1132"
content-length: 4402
content-type: image/svg+xml

GET
H2 200 GN.svg
vsim.ua/html/20min-page/web/img/sub_image/ 5 KB
5 KB 193ms
190ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/GN.svg?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-145a"
content-length: 5210
content-type: image/svg+xml

GET
H2 200 0728b5d.js Show response
vsim.ua/js/ 879 KB
239 KB 90ms
90ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/0728b5d.js?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e248ccf39aee781866abb6a97023d16144fb3394017395b0594174c9f1904a2b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 11:48:48 GMT
server: nginx
etag: W/"629600a0-dbba4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 504 aGeq.js
leokross.com/vAW/ 0
0 3972ms
3425ms Script
text/html 79.171.117.17
VARITI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://leokross.com/vAW/aGeq.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/459583/ 382 KB
117 KB 127ms
54ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/459583/hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4f0e5b88053bf2742591f7efdbbbd6fc2814be4532c485eec0ecb404808222b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: gzip
last-modified: Fri, 03 Jun 2022 22:00:58 GMT
server: nginx
etag: W/"629a849a-5f808"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 07:36:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 147ms
53ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

fda497832701749b71a42246a178905a1adbb188c04ea88ecd71390ecf140b07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28116
x-xss-protection: 0
server: sffe
etag: "1236 / 20 of 1000 / last-modified: 1654293884"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Jun 2022 07:36:00 GMT

GET
H2 200 wrapper_hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/459583/ 786 B
744 B 167ms
94ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/459583/wrapper_hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: aef231caad9876f19aba7e2abc99353c2a2f45b4fee982fd2ca7edc59978a8f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: gzip
last-modified: Sun, 05 Jun 2022 21:01:07 GMT
server: nginx
etag: W/"629d1993-312"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 07:36:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 5 KB
1 KB 108ms
39ms Fetch
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=d9345397765ace7e36f5036f718db82e
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
x-correlation-id: be76f74858463b69ef573bc682b2fa2d
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: MISS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
39ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 74
date: Mon, 06 Jun 2022 07:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Jun 2022 09:34:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 127 KB
45 KB 149ms
55ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3c8e53c2eb36e1989267889f2f2e31d5bf14c20ab203b3770d942365a358210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45948
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Jun 2022 07:36:00 GMT

GET
H2 200 remplib.js Show response
vsim.ua/bundles/twentyminutuapaywall/js/ 193 KB
36 KB 193ms
191ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: fa790aa2667f45ccaceb5fdc2f784c856eb3d4ac5a3e8ba5b2aacec8c8b2722b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: gzip
last-modified: Fri, 10 Sep 2021 08:36:22 GMT
server: nginx
etag: W/"613b1906-30266"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 122ms
39ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: JmqGMljnJcTUjLnMFse4qOunDsbIYpUMpptv//h3KKgyRhq2u+kJ/jC99WJ3KaOZEIq4oc5SRFtVYZ5lrP8DWw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 06 Jun 2022 07:36:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 70 KB
70 KB 222ms
222ms Font
font/woff2 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?fce4cf93
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://vsim.ua/css/3831ad9.css?fce4cf93
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-118d8"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 71896
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 MaterialIcons-Regular.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 43 KB
43 KB 223ms
223ms Font
font/woff2 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/MaterialIcons-Regular.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?fce4cf93
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer: https://vsim.ua/css/3831ad9.css?fce4cf93
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-ad0c"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 44300
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iframe Show response
vsim.ua/site_login/ Frame CA2C 5 KB
1 KB 365ms
365ms Document
text/html 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/iframe
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 4d0e4d7c6d3b1044c00e227225a769366c2dc4ca87e08ea21a536576b74e301e

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 Jun 2022 07:36:01 GMT
server: nginx
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

GET
H2 200 viber-f.svg
vsim.ua/bundles/twentyminutuamain/img/ 3 KB
3 KB 184ms
183ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/viber-f.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?fce4cf93
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?fce4cf93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-bff"
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3071
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 g_n_icon.svg
vsim.ua/bundles/twentyminutuamain/img/ 1 KB
1 KB 184ms
184ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/g_n_icon.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?fce4cf93
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?fce4cf93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-478"
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1144
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 telegram-f.png
vsim.ua/bundles/twentyminutuamain/img/ 548 B
723 B 185ms
185ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/telegram-f.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?fce4cf93
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?fce4cf93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-224"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 548
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
id.gravitec.net/ Frame 283C 621 B
697 B 367ms
39ms Document
text/html 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 06 Jun 2022 07:36:01 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AcO1rw4ftUb/KL0sAA
x-77-nzt-ray: Wtugp8T6eRY
x-77-pop: frankfurtDE
x-accel-expires: @1966928953
x-age: 2932008
x-cache: HIT

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 120ms
35ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:00 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 04 Sep 2022 07:36:00 GMT
cache-control: max-age=7776000
x-proxy-cache: HIT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 291 KB
83 KB 40ms
39ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=91fb160de016ac34139148f976d10216

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cda04b81943a3bc8b0cf1038f37063403081eac9e8dc553f2845a203ad8681b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Po4LnuLK3tOkgVoRDpQHWw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 06 Jun 2023 07:21:50 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84834
x-fb-rlafr: 0
x-fb-debug: 5KO1HNyzH3du/eeZ6Plst4/pBME9EDlOlViYBpmPaH384Vq4uiQXNI8NGTpWtA/LAYha0aUq5m2xm/pH56lXhQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 74181cd18138e5d9f9b6257056cf571e
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 06 Jun 2022 07:36:00 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3e27bf8645a5922ba04be96e07b20716"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 506134916849111 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/506134916849111?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7379d47cbf147b3d98794cfc82cbe49bc0bff579e48af5de2c3370f7df1192fe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88867
x-xss-protection: 0
pragma: public
x-fb-debug: tl6vDMrY4NBgn3py4vi3fgzoG4M5OObUgWtDKA/AnMBiY3uOEJtTCNbYN/TaCwTLDz2lbpJ9X7Ad4kqSN09fVQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 06 Jun 2022 07:36:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
455 B 136ms
48ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vsim.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 hbw_master_306660_6693.js Show response
player.adtelligent.com/prebidlink/459583/ 188 KB
32 KB 30ms
30ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/459583/hbw_master_306660_6693.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/wrapper_hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8be6618cc474324380b04c2d2cda8ba9399a7e8c794562373ec575de43bbbf0f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
content-encoding: gzip
last-modified: Sun, 05 Jun 2022 21:01:07 GMT
server: nginx
etag: W/"629d1993-2ef11"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 07:36:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 pubads_impl_2022053101.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
124 KB 125ms
41ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

f7a0dbff813bc7c5605b8a86f87c6aaf78793b501ad00953f5fe4fc3beee65e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 20:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127016
x-xss-protection: 0
last-modified: Tue, 31 May 2022 08:34:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 05 Jun 2023 20:35:32 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 115 B
121 B 134ms
50ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ad1e37cb8a3465734afa9cebc451bd2f089b09567f0b12c1acf34ab09a0ee7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Mon, 06 Jun 2022 07:36:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 121ms
40ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=506134916849111&ev=PageView&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1654500961088&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654500961087.397601653&it=1654500960935&coo=false&rqm=GET

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 06 Jun 2022 07:36:01 GMT

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 129ms
39ms Fetch 52.174.47.89
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=d9345397765ace7e36f5036f718db82e&user_id=4b0586d5-79eb-4ccd-9709-1d816924650b&utmb=53190a26-efdd-4bf1-bf5d-4beb7bc991bf&path=https%3A%2F%2Fvsim.ua%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.174.47.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:01 GMT
x-correlation-id: fcecf772f5bafd72338ce8933e7ea5cc
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
expires: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 135ms
54ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c342abff84b34dac6ad81ab9cf59e9fe3cccb117b5c530602f8b01fa1f22728c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69941
x-xss-protection: 0
expires: Mon, 06 Jun 2022 07:36:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 113ms
40ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=178301089580185&ev=fb_page_view&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1654500961096&sw=1600&sh=1200&at=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 06 Jun 2022 07:36:01 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 128ms
47ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=452828512&t=pageview&_s=1&dl=https%3A%2F%2Fvsim.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCAC~&jid=1616579763&gjid=457203652&cid=316598117.1654500961&tid=UA-43975937-2&_gid=668947948.1654500961&_r=1&_slc=1&cd1=NotAuthorizedUser&z=172642094

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 151 B
414 B 255ms
55ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: f38ce7391432873bb0c5fb3213b9778672e660d94aeb1ede0ba5b59d2625305c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 07:36:00 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 151

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
424 B 251ms
52ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=306660&site_id=6693&full_page_url=https%3A%2F%2Fvsim.ua%2F&adid=2f5jzm.z9&features=16416&vpbv=N061&lifecycle_tte=3819
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 07:36:00 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 b8bb2dfe26ab7ff9a1ddfa4d88dc43037f8efa37.webp
vsim.ua/img/cache/news_rtp_large/news/0027/69/ 21 KB
21 KB 78ms
77ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0027/69/b8bb2dfe26ab7ff9a1ddfa4d88dc43037f8efa37.webp?hash=2022-06-04-15-42-12
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: c7a29aa22953bb6f851c361c9084aafba20ef57ab5e534bd42f3de413975650e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
last-modified: Sat, 04 Jun 2022 12:45:03 GMT
server: nginx
accept-ranges: bytes
etag: "629b53cf-52b2"
content-length: 21170
content-type: image/webp

GET
H2 200 e2fc79803fe23399082bb952937ae7b9c8b80029.webp
vsim.ua/img/cache/news_rtp_large/news/0027/69/ 38 KB
38 KB 79ms
78ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0027/69/e2fc79803fe23399082bb952937ae7b9c8b80029.webp?hash=2022-06-05-11-28-34
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 74dd90ffc2712290698567be4ab2bbfa0dc73e9ba52d83d53cb82481f3074561

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
last-modified: Sun, 05 Jun 2022 08:43:17 GMT
server: nginx
accept-ranges: bytes
etag: "629c6ca5-97b0"
content-length: 38832
content-type: image/webp

GET
H2 200 2667004-hotiv-miru-y-spokoyu-hmelnichani-poproschalisya-z-viyskovim-sergiem-novikovim-foto.jpeg
vsim.ua/img/cache/news_rtp_large/news/0027/68/ 18 KB
18 KB 79ms
79ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0027/68/2667004-hotiv-miru-y-spokoyu-hmelnichani-poproschalisya-z-viyskovim-sergiem-novikovim-foto.jpeg?hash=2022-06-03-14-09-45
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 44caafcf9388edd636d5056ca4639ec35b6044bb84fefa98be717751dda685b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
last-modified: Fri, 03 Jun 2022 11:10:22 GMT
server: nginx
accept-ranges: bytes
etag: "6299ec1e-47b6"
content-length: 18358
content-type: image/jpeg

GET
H2 200 2668645-skazav-ridnim-scho-yidu-na-robotu-na-donbasi-poranili-soldata-rozvidnika-z-volochischini-yak-mozhna-dopomogti.jpeg
vsim.ua/img/cache/news_rtp_large/news/0027/69/ 18 KB
18 KB 80ms
79ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0027/69/2668645-skazav-ridnim-scho-yidu-na-robotu-na-donbasi-poranili-soldata-rozvidnika-z-volochischini-yak-mozhna-dopomogti.jpeg?hash=2022-06-05-11-09-29
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: afbdb515e2dde78a6e30ed7c4a1fb18958cf08567a438cc86d7a2de109780450

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
last-modified: Sun, 05 Jun 2022 08:10:07 GMT
server: nginx
accept-ranges: bytes
etag: "629c64df-47f7"
content-length: 18423
content-type: image/jpeg

OPTIONS
H2 200 pageview
tracker_beam.20minut.ua/track/ Frame 0
0 239ms
76ms Preflight 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://vsim.ua
access-control-max-age: 3600
content-length: 0
date: Mon, 06 Jun 2022 07:36:01 GMT
server: nginx/1.16.1

POST
H2 202 pageview Show response
tracker_beam.20minut.ua/track/ 0
135 B 77ms
76ms XHR
text/plain 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Requested by: Host: vsim.ua
URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?fce4cf93
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 06 Jun 2022 07:36:01 GMT
access-control-allow-credentials: false
server: nginx/1.16.1
content-length: 0
access-control-max-age: 3600

GET
H2 200 fc40332.css
vsim.ua/css/ Frame CA2C 177 KB
30 KB 91ms
91ms Stylesheet
text/css 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/fc40332.css?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 270afa1b13087c609baef1d8a4f7652ac5be30b175ff7f78822f8a2d9be5dee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 11:47:54 GMT
server: nginx
etag: W/"6296006a-2c584"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dba7e9c.js Show response
vsim.ua/js/ Frame CA2C 246 KB
71 KB 101ms
100ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/dba7e9c.js?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 14e4699a9706867363ccdfcc60f64545b6529ff6eb4ce7b0072183b2acb20816

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 11:47:58 GMT
server: nginx
etag: W/"6296006e-3d641"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
433 B 108ms
35ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43975937-2&cid=316598117.1654500961&jid=1616579763&gjid=457203652&_gid=668947948.1654500961&_u=YEBAAEAAAAQCAC~&z=480601807

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Jun 2022 07:36:01 GMT
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/306633/ 2 KB
1 KB 85ms
28ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/306633/config.json?cb=https%3A%2F%2Fvsim.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: a3a318994ba4d8957538ba81f3e17a7826b71e432c8e87de6340fa7df1e58675

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
content-encoding: gzip
last-modified: Sat, 04 Jun 2022 12:01:07 GMT
server: nginx
etag: W/"629b4983-8ec"
content-type: application/json
access-control-allow-origin: https://vsim.ua
expires: Wed, 08 Jun 2022 07:36:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 173ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 145ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 614ms
614ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2194680601667314&correlator=2521327190602867&eid=31067855%2C31067742%2C31065401%2C31067488%2C31065517&output=ldjh&gdfp_req=1&vrg=2022053101&ptt=17&impl=fifs&iu_parts=45035109%2Cvsim_main_(300x250)&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x400&ifi=1&adks=978356717&sfv=1-0-38&ecs=20220606&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1654500961298&lmt=1654500961&dlt=1654500960542&idt=724&biw=1600&bih=1200&adxs=1092&adys=228&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=316598117.1654500961&ga_sid=1654500961&ga_hid=452828512&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

1183c2694c8d4a6eaaf6e8047c293b181703939ddc662c6685f172c1299c5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8173
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA80 6 KB
4 KB 151ms
48ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 07:36:01 GMT
expires: Tue, 06 Jun 2023 07:36:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
341 B 137ms
47ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0CS1NTGGLB&gtm=2oe610&_p=452828512&_z=ccd.vdB&_gaz=1&cid=316598117.1654500961&ul=en-us&sr=1600x1200&_s=1&sid=1654500961&sct=1&seg=0&dl=https%3A%2F%2Fvsim.ua%2F&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 35ms
34ms Ping
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0CS1NTGGLB&cid=316598117.1654500961&gtm=2oe610&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 165ms
75ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0CS1NTGGLB&cid=316598117.1654500961&gtm=2oe610&aip=1&z=472580014

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
325 B 222ms
54ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22576fd32498ae32%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fvsim.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226a8a8eef8c4c84%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news8(1200x250)%23div-gpt-ad-1632837984961-0%22%7D%7D%2C%7B%22id%22%3A%227043d17b4d148%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news9(1200x250)%23div-gpt-ad-1632838225160-0%22%7D%7D%2C%7B%22id%22%3A%228bf73cc27ccc64%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news10(1200x250)%23div-gpt-ad-1632838267602-0%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22405cba69-954a-45f5-a625-9de6ab3dd9e4%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4d9128d652b5dee08d4535b54702ec0f6e8b28d5c47f242337a6b8ade29516bb

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:01 GMT
x-ak-initial-geo: CC:[GB], RC:[EN], CN:[EU], CIP:[217.138.196.101], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://vsim.ua
x-cs-client-geo: 27
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 27
expires: Mon, 06 Jun 2022 07:36:01 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 692ms
217ms XHR
text/plain 204.237.133.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 06 Jun 2022 07:36:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 367 B
1 KB 275ms
200ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

467603d9bceed2da21c86800bb9558929c54c9314881fb69f63653c7824aad9e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 07:36:01 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d856c935-d4c1-459d-aa53-8b4480b49545
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 367
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.4954487627707205&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F...
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4954487627707205&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=h...

415 B
825 B

41ms
41ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4954487627707205&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=405cba69-954a-45f5-a625-9de6ab3dd9e4
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Server: 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 37593767f544317c9c3e032830d3ee92b32efb73404c3f6cee45c97690ec5acd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:01 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://vsim.ua
expires: Mon, 06 Jun 2022 07:36:01 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 415
x-sid: AMS-744

Redirect headers

date: Mon, 06 Jun 2022 07:36:01 GMT
server: openresty
location: /hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4954487627707205&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=405cba69-954a-45f5-a625-9de6ab3dd9e4
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://vsim.ua
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-744

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
668 B 55ms
55ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: bb34ada5cf21f81635ab6a34489e563f47614f4ddab28d9f628d532c13093aa3

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 06 Jun 2022 07:36:00 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 366

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
373 B 102ms
34ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fvsim.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b54601f5-d3ca-49c6-9ae8-427145953cbe%2C5bab4f75-030a-4810-b41f-c4d213d2c31c%2C18b2d19b-5c74-4a3b-b1b0-a11059897c20&nocache=1654500961472&pubcid=405cba69-954a-45f5-a625-9de6ab3dd9e4&aus=1200x250%2C1200x400%7C1200x250%2C1200x400%7C1200x250%2C1200x400&divids=div-gpt-ad-1632837984961-0%2Cdiv-gpt-ad-1632838225160-0%2Cdiv-gpt-ad-1632838267602-0&aucs=%252F45035109%252F20minut_news8(1200x250)%2523div-gpt-ad-1632837984961-0%2C%252F45035109%252F20minut_news9(1200x250)%2523div-gpt-ad-1632838225160-0%2C%252F45035109%252F20minut_news10(1200x250)%2523div-gpt-ad-1632838267602-0&auid=541177132%2C541177132%2C541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/eecec1e /
Resource Hash: cc31d88bf5b774e905350ea967d9b3325a58c213ee4a8b4469a6e658fabdf1c2

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:01 GMT
content-encoding: gzip
server: OXGW/eecec1e
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://vsim.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
169 B 216ms
61ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 06 Jun 2022 07:36:01 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 373 B
1 KB 270ms
200ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c04ae800cfedd5e33f9c1ade3a4e6a96d42296edab01acfaf4e5cc4bf4b38ec4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 07:36:01 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 22e4365c-3fa0-496c-b4f2-6b2e4eebdd39
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 373
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 710ms
242ms XHR
text/plain 204.237.133.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 06 Jun 2022 07:36:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 302 B
526 B 106ms
60ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=517710&aid2=517711&aid3=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 67656b202a63c834a0a072643bad67ecd2b25edf681a8ec7e762d734af2a14fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 07:36:00 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 224

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bad43652-5d83-43d9-a27d-7be8339908b6

0
407 B

1322ms
423ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bad43652-5d83-43d9-a27d-7be8339908b6
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 07:36:02 GMT
Server: VertaMedia 1.0
Etag: 4eb90a28786ab60a
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bad43652-5d83-43d9-a27d-7be8339908b6
date: Mon, 06 Jun 2022 07:36:01 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5B73 0
18 B 82ms
40ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://vsim.ua
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://vsim.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 07:36:01 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 container.html Show response
20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 44DA 6 KB
3 KB 124ms
41ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 07:36:01 GMT
expires: Tue, 06 Jun 2023 07:36:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C137 624 B
975 B 142ms
52ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRChqUEY0PWQywEwAQ&v=APEucNX7alpuRAWWJ1zSHPt3E90K_dWBLq2MyGakScotmiF6C0D076cspPuSXVZowWSQpY1uEPb2VePBefZj8YKVAzoF-7EngCrHrvu3l7cG-qZYeteDHN8NRZ1cjKYtA22vT9JcGue_ghEzRFoZfjyLaHaoGzL5bV248xTyzShMe3bi3_eJ2xI

Requested by

Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 07:36:02 GMT
expires: Mon, 06 Jun 2022 07:36:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 44DA 95 KB
36 KB 181ms
92ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C72DgvIrWoFmFLAvgE1tX-V3qzbCXGgSwdosHz6BUz7XROYbAd8vTdlyJSe31_MUdEx_iTSg3JUgA9ZhUFx81Z0gS2PhD9d1qkQ3WV4JvoH8uG0G6JEUUhRANaKZSyHxhx3Zs4SPO-WQ2ihZbvlgxFsn_NZQ&dbm_d=AKAmf-AbRdir5aOsMNM8qmhR3jw_TJj4y3t__onJB1pzvuDwDkLEly2-mpOe7xDp804b6NodGij2JNMF2-MHyacm1EjdX8TKiZMi7nsfRM2XECtCeKSv_ecJJvQAUdbw_4xo3Nv8wyRyv8wDvgYjwTkoR1xFxEb4dhpy_x17hgkspKKdOA_pjszB0H0c2XYl5RmKcHqOuMiki7jh9iRuzTw5xESTsefrKJPeSUQU5x-6mxuhuiz-_5aNwKOMdcqkbJ3Vq_dmjtQKZRyPwdoOv5112cFN3mIDO8BbIMq1w96me7uQV_iQndiPofpzqY8YrtPluMKUu3ZOlBbAP20gxi2IJTfkuosQ_pNyoofhvH6Y2ZqS_50bkpCcApM0P1niH-_dI0nNSP59b1avuFYflwAAPPv4Pu9PWJ6Qilc-BhOa_fo_fDkXldg_FgynBY5TGx0_DiWjEaRjofLo0BL9CdV6lffgLvmDH9gIT747xEtB9uUgeLVGw6LIW7o7RPKUz9P4B8plgv0HDVP8ohHr4IVQyhZ-1V_81hJHQPcBCTozRo8Pc1neE4viGOrawjpfZ4lpw2Xxqo4SFHR1lcBuxz3s1DZS7Db78bjVZhL_MtAz4hKNm1PY3viB7UQG4Fr-VTbZPB3FVEq9BqVV_fwr_vi1mBPYt1yvUh0yDsrDNe51nqihBGrEF9w7vDnqOb0TtUS2wxI2O9ubmm8f1L_I6owyUJmTZA2gSoXzK9MfL2BMsXhKdOrMjyI235-tlM_iqG_uaXMd2BjT5Y4ojmtx3X6veFc-oZaFjqrpfI9Dl-hcl31TeE8s8zCzJiWY0_w1Wtw4_zmWjjYdd2M9Cnr7-Ao6gdMDz_b8EBl7RcfboqREP68jN8FGfZz2B3nZHHwPn39pX3cRkZyycEtQaPCg1T3qjcU9OiK6Oq1OCVwnPM4VITUDLjxYNM46aFWiKXB_0YCV7ggo_vL8cUQ5P3t0XIT7ETK9Pqdqpjx4whzWBzdnMgTHmUkdcs5YPQbM-AW8ZK2f1tX-Kzr8r-LZcCGTgCa5WDjog6WgiSdWY9tK5lO-LKwNAzqW_FiU9gqVpjECkkyhipgzfKZkwIs0m8_EUHlanbzIgOTg7XqytLDxh9Xzc5YB6XG00c62gQ5xSmtkBvAkLqRyeiBaUxz9fVXNSkeDWtMPR47AC4qk8CgZYeMIcNeY27cEGrL5sg-nIZEpW0IH-F_WnUS3ZQJOgJitJJNSNEK6DbvFsk0MLQHAbByI26WK4hIijY-t5fcEoX5nN65CWN6LjTaQlLN2NHGlgs-AmVA8719xwA-yy91QGdu6NGA8jhVn78vN3yGOIWz2uROIKA_2SO0vqSeJWWSYlEarXLJjWaG6RVp-NJ0hIp0hBOvevxhtScBOwxgKJXkddoQCPWpmptVGZCT8dvGCKid-uza_gZES0B_yKkYShQccvlYPBL5bRvwJuGL3S1J5C0lH3bhPfEgq4SWLC_ejGdCEFeLrQ4MBadcGaLswMyYgHhX6Co-MKtQe7UKMeldUYGmKAiau2iSYo4HBn7nqbEtf5nOLfJJGdqF83iQ7frbyFQ-PodY7YDztd0JZ5-c5VPjgS-ud6pchUZHEkuXFCjId2P4HFDBbrIdpfeXCW4riRAKEdXsOTEN1hubBTh9K3Z2O2aWRkqHKxJeIdfEwZBCqiJewf38wuCgX_lvk4HzoXaJ7oUFttBpsZ6-RDAG9K4AMoY9DtFDFDhzb8DJtx-5kRH7NRnqaPn0Fc994vdbMUZ5PDFIwQ-PKqOlL3qq7JQFZXp1vfUCxiFUzpVggjtAi1Sv__8Fr2BA2R5fuqXBCVC0Om8iGGiZKUV8HmQbVZV8MRXtwom_0Cy8IkZTo-O3_BhheDVNaUIrE6niewmFd7tD4wDrrXJZu1l5ymFVWYRQLPL4MPoUbftKmeFO1kvKDOcz6CufkVXXAI5KGeRi1wW5PnkemR9BEk4cFMYavX0vRe0dc8GWHiAhLGlHBML4i_iQF9QKW78bCqLEepYBE43x912vCmPxHOa9rsYs3vv3f29iYIKKlUBgv8Okj0J-isNPlm3nxkTIeKBxyw_UPPWQQ5Y1oxdZdxeME9bXTSf7DlqyQZqFa9NEgOKQ9qKxhPGI1DhLZ-CgLuwZsxRLNu49zW_CnEO44ej1lpbvjh1I-26_L9g44pmy_f5m-sCNqJvnGFcGAA3pC6K7NdqjcaxaHziFhih78FghvMKT6uS2dnCD0G18GXl7U2Hqhj6FvRloihQiZPkTPK-sdAc_yU3Pf9_VfGcYM71H5J5pcyjpK3Z5CzNoYHELI0G0D_5GHGaPtQ5CCJTb62mTK3VMd3exyX8eBrPKHd5qCh7l7_PHteQIWrNneVZbgTLbuRyGaW1SKD_4HjyPTdrFKdOuGHsNf4FGkHuNTSROziPwF5VdEp4Nrn3PFUNmG1cBiJB8pEAW4lRhYdIg19Z34zvGqlOf4HhkhMjMLKhWGmiTq8-uPq3Z_SSzhYxriW27tO96Z7iFoyMwVz1D4UZ2gYYPhp4z2eq1cv9soLuLbXGMnfaAEmKpoUitmg8Mj-h9cnRk5OiwDmOJ_RP-yP-3qJ0PIyNA5guY_0Hl6eBvTq31jkh4Y96JmnK-Kp1kfczAC1wNnfzpQHDcfrdc6-cNWniTm3AN7qe73z_Lou610hv9biKRtarsRv261ZLx6fUpuLqYmvFWqDDFdZeeSElbp12lmeQQBtvfVgGFUIdbU5DHXMEW0fWPl9BiS8gPQ0uul_RLTzk7c_OyPNisGHuF7OMhk06hQ317u4Uyys2ZsiLbiq90AstjIowtwQASlGzHMcvwEJhzfr4-JvtsCwS3YnlWLkVG9ICHPFKAgF89lvZWHConmCHPlyvPTyuP9AXPXYVE9YwrrJLttciz3ync2rWwQqSA1BHmRboqyk7vv9ODgEYl2_jGzTgFPUYYZcjnEWztXXqQZGt6Er9J2z7ii7D-TH1Ih0yRYfaF4uTFZgJhF-kkM1TyWCsKgFkPwf0do-UaO699PCDPWbnyvWds_K3YojHPbI5EwY4L-FOI-nGgSgFzfys2QQj19GqGikZuKTX7Ou4rOchSkvC88ao0nYk9l6QLHKviKm8zzv0gFDE4U3NnB_0zxwEn3qPLYj5TtxbyQMd3ePjYpRW5f9gnKohne_DjOpHykkMt0tHcxx8WbEo9rbAEgEhM6rwrnplH3NBW1_o0tKPszGEUtgtgkuqv66q5R1TKp2k41ZucUrvtOGQqrjh6immVymAPXI_mpgw5T7E5xactDFmwRFaM6cHglwQ5Z4yBSdBWPOwwStYWidPEL_nePBW7xbU8lfU9Trj2HIbrhcRNmCTOHbzwjzQkuSZ4g_qLLNdp5-COzfkdGGQDejXhrShUBuxH-phR_VT6MjLRURQjSBc170Pmq4cfnDf0cdyBS5IBUXg8qNzGtKpQcMPpLcB1HpyZTKqgxPX3Eo5k6xLFWcb5KLyR0Vd8yReczjSCFBbbRBe7YlSl_dLDoTp2-VojKtueS0xBVc75FbSfIkIxEIg&cid=CAASKORoXD7W722eRBqpNvmMftG5yZYEvOBEX8_Z5B8GfGUo7r5qJRrll18&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fb660a73dae345dc7fbe6733838b80cca5a0ec1c73b0d5b867e91fe3f639c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36839
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 44DA 42 B
494 B 163ms
72ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqLrJWYV_9T4ASMZg3449V5gKNqNAJ7hpvfGqUeY4ytPnSN8eFUNUE_jRWiIWnamhpcATWb6xbCwRP5rb61AVaU7jJSbXqOQFtq6drJ-QcxOiNHAU

Requested by

Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 44DA 3 KB
1 KB 147ms
44ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:29:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:29:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44DA 138 KB
43 KB 149ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 07:36:02 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 44DA 17 KB
8 KB 141ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:15:58 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 132ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 130ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 136 KB
24 KB 611ms
611ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2194680601667314&correlator=1412327710945109&eid=31067855%2C31067742%2C31065401%2C31067488%2C31065517&output=ldjh&gdfp_req=1&vrg=2022053101&ptt=17&impl=fifs&iu_parts=45035109%2C20minut_news8(1200x250)%2C20minut_news9(1200x250)%2C20minut_news10(1200x250)&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1200x250%7C1200x400%2C1200x250%7C1200x400%2C1200x250%7C1200x400&ifi=2&adks=2483578089%2C4059114074%2C1842437250&sfv=1-0-38&ecs=20220606&fsapi=false&prev_scp=city_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Da0d3419ef24224b3-22c20587a7cd007c%3AT%3D1654500961%3AS%3DALNI_MYluWBDQH967mzKUjI5JQsl9Gxemg&abxe=1&dt=1654500962195&lmt=1654500962&dlt=1654500960542&idt=724&biw=1600&bih=1200&adxs=204%2C204%2C204&adys=1056%2C3264%2C4265&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1192x250%7C1192x250%7C1192x250&msz=1200x250%7C1200x250%7C1200x250&fws=4%2C4%2C4&ohw=1192%2C1192%2C1192&ga_vid=316598117.1654500961&ga_sid=1654500961&ga_hid=452828512&ga_fc=true&btvi=0%7C1%7C2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7822d0ec1b8fd640adb6a6fd671bdd62ddccb3e7e903dae5bd35cabe983e2a5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24424
x-xss-protection: 0
google-lineitem-id: 6036262733,6020538235,6024219508
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138394044611,138392323329,138393097336
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C137
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9647jDyjbffVjiReq-JpQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9647jDyjbffVjiReq-JpQ&google_cver=1&C=1

43 B
1013 B

56ms
56ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9647jDyjbffVjiReq-JpQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRChqUEY0PWQywEwAQ&v=APEucNX7alpuRAWWJ1zSHPt3E90K_dWBLq2MyGakScotmiF6C0D076cspPuSXVZowWSQpY1uEPb2VePBefZj8YKVAzoF-7EngCrHrvu3l7cG-qZYeteDHN8NRZ1cjKYtA22vT9JcGue_ghEzRFoZfjyLaHaoGzL5bV248xTyzShMe3bi3_eJ2xI
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 07:36:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 06 Jun 2022 07:36:02 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 07:36:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9647jDyjbffVjiReq-JpQ&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 06 Jun 2022 07:36:02 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C137
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yp2uYmmChQbfFp5hLGBWnwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOurwY4bBeglBLQr8qr0Y1I&google_cver=1

43 B
893 B

55ms
54ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOurwY4bBeglBLQr8qr0Y1I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRChqUEY0PWQywEwAQ&v=APEucNX7alpuRAWWJ1zSHPt3E90K_dWBLq2MyGakScotmiF6C0D076cspPuSXVZowWSQpY1uEPb2VePBefZj8YKVAzoF-7EngCrHrvu3l7cG-qZYeteDHN8NRZ1cjKYtA22vT9JcGue_ghEzRFoZfjyLaHaoGzL5bV248xTyzShMe3bi3_eJ2xI
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 07:36:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 06 Jun 2022 07:36:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOurwY4bBeglBLQr8qr0Y1I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C137
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHDFeaMFa37LaJGuUGbrvPg&google_cver=1

43 B
1020 B

37ms
37ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHDFeaMFa37LaJGuUGbrvPg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRChqUEY0PWQywEwAQ&v=APEucNX7alpuRAWWJ1zSHPt3E90K_dWBLq2MyGakScotmiF6C0D076cspPuSXVZowWSQpY1uEPb2VePBefZj8YKVAzoF-7EngCrHrvu3l7cG-qZYeteDHN8NRZ1cjKYtA22vT9JcGue_ghEzRFoZfjyLaHaoGzL5bV248xTyzShMe3bi3_eJ2xI

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 07:36:02 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fb697f87-8c88-467e-99ed-3c9e1bba6d91
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHDFeaMFa37LaJGuUGbrvPg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C137
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNzUwNzI3ODAwNDA4OTUwNg%3D%3D

170 B
502 B

107ms
51ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNzUwNzI3ODAwNDA4OTUwNg%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 07:36:02 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 47037cfc-9154-4c4b-91ab-419caccda1ce
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNzUwNzI3ODAwNDA4OTUwNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1056993/63470348/ Frame 44DA 233 KB
71 KB 567ms
181ms Script
application/javascript 52.41.103.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1056993/63470348/skeleton.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.103.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-103-203.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 887c03a243a6b4080b48213d0f98bf0a79c85b769503530bcb789590f61ba7e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 44DA 170 KB
59 KB 143ms
40ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
Origin: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 06:18:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Jun 2022 06:18:03 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame 44DA 8 KB
3 KB 130ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C72DgvIrWoFmFLAvgE1tX-V3qzbCXGgSwdosHz6BUz7XROYbAd8vTdlyJSe31_MUdEx_iTSg3JUgA9ZhUFx81Z0gS2PhD9d1qkQ3WV4JvoH8uG0G6JEUUhRANaKZSyHxhx3Zs4SPO-WQ2ihZbvlgxFsn_NZQ&dbm_d=AKAmf-AbRdir5aOsMNM8qmhR3jw_TJj4y3t__onJB1pzvuDwDkLEly2-mpOe7xDp804b6NodGij2JNMF2-MHyacm1EjdX8TKiZMi7nsfRM2XECtCeKSv_ecJJvQAUdbw_4xo3Nv8wyRyv8wDvgYjwTkoR1xFxEb4dhpy_x17hgkspKKdOA_pjszB0H0c2XYl5RmKcHqOuMiki7jh9iRuzTw5xESTsefrKJPeSUQU5x-6mxuhuiz-_5aNwKOMdcqkbJ3Vq_dmjtQKZRyPwdoOv5112cFN3mIDO8BbIMq1w96me7uQV_iQndiPofpzqY8YrtPluMKUu3ZOlBbAP20gxi2IJTfkuosQ_pNyoofhvH6Y2ZqS_50bkpCcApM0P1niH-_dI0nNSP59b1avuFYflwAAPPv4Pu9PWJ6Qilc-BhOa_fo_fDkXldg_FgynBY5TGx0_DiWjEaRjofLo0BL9CdV6lffgLvmDH9gIT747xEtB9uUgeLVGw6LIW7o7RPKUz9P4B8plgv0HDVP8ohHr4IVQyhZ-1V_81hJHQPcBCTozRo8Pc1neE4viGOrawjpfZ4lpw2Xxqo4SFHR1lcBuxz3s1DZS7Db78bjVZhL_MtAz4hKNm1PY3viB7UQG4Fr-VTbZPB3FVEq9BqVV_fwr_vi1mBPYt1yvUh0yDsrDNe51nqihBGrEF9w7vDnqOb0TtUS2wxI2O9ubmm8f1L_I6owyUJmTZA2gSoXzK9MfL2BMsXhKdOrMjyI235-tlM_iqG_uaXMd2BjT5Y4ojmtx3X6veFc-oZaFjqrpfI9Dl-hcl31TeE8s8zCzJiWY0_w1Wtw4_zmWjjYdd2M9Cnr7-Ao6gdMDz_b8EBl7RcfboqREP68jN8FGfZz2B3nZHHwPn39pX3cRkZyycEtQaPCg1T3qjcU9OiK6Oq1OCVwnPM4VITUDLjxYNM46aFWiKXB_0YCV7ggo_vL8cUQ5P3t0XIT7ETK9Pqdqpjx4whzWBzdnMgTHmUkdcs5YPQbM-AW8ZK2f1tX-Kzr8r-LZcCGTgCa5WDjog6WgiSdWY9tK5lO-LKwNAzqW_FiU9gqVpjECkkyhipgzfKZkwIs0m8_EUHlanbzIgOTg7XqytLDxh9Xzc5YB6XG00c62gQ5xSmtkBvAkLqRyeiBaUxz9fVXNSkeDWtMPR47AC4qk8CgZYeMIcNeY27cEGrL5sg-nIZEpW0IH-F_WnUS3ZQJOgJitJJNSNEK6DbvFsk0MLQHAbByI26WK4hIijY-t5fcEoX5nN65CWN6LjTaQlLN2NHGlgs-AmVA8719xwA-yy91QGdu6NGA8jhVn78vN3yGOIWz2uROIKA_2SO0vqSeJWWSYlEarXLJjWaG6RVp-NJ0hIp0hBOvevxhtScBOwxgKJXkddoQCPWpmptVGZCT8dvGCKid-uza_gZES0B_yKkYShQccvlYPBL5bRvwJuGL3S1J5C0lH3bhPfEgq4SWLC_ejGdCEFeLrQ4MBadcGaLswMyYgHhX6Co-MKtQe7UKMeldUYGmKAiau2iSYo4HBn7nqbEtf5nOLfJJGdqF83iQ7frbyFQ-PodY7YDztd0JZ5-c5VPjgS-ud6pchUZHEkuXFCjId2P4HFDBbrIdpfeXCW4riRAKEdXsOTEN1hubBTh9K3Z2O2aWRkqHKxJeIdfEwZBCqiJewf38wuCgX_lvk4HzoXaJ7oUFttBpsZ6-RDAG9K4AMoY9DtFDFDhzb8DJtx-5kRH7NRnqaPn0Fc994vdbMUZ5PDFIwQ-PKqOlL3qq7JQFZXp1vfUCxiFUzpVggjtAi1Sv__8Fr2BA2R5fuqXBCVC0Om8iGGiZKUV8HmQbVZV8MRXtwom_0Cy8IkZTo-O3_BhheDVNaUIrE6niewmFd7tD4wDrrXJZu1l5ymFVWYRQLPL4MPoUbftKmeFO1kvKDOcz6CufkVXXAI5KGeRi1wW5PnkemR9BEk4cFMYavX0vRe0dc8GWHiAhLGlHBML4i_iQF9QKW78bCqLEepYBE43x912vCmPxHOa9rsYs3vv3f29iYIKKlUBgv8Okj0J-isNPlm3nxkTIeKBxyw_UPPWQQ5Y1oxdZdxeME9bXTSf7DlqyQZqFa9NEgOKQ9qKxhPGI1DhLZ-CgLuwZsxRLNu49zW_CnEO44ej1lpbvjh1I-26_L9g44pmy_f5m-sCNqJvnGFcGAA3pC6K7NdqjcaxaHziFhih78FghvMKT6uS2dnCD0G18GXl7U2Hqhj6FvRloihQiZPkTPK-sdAc_yU3Pf9_VfGcYM71H5J5pcyjpK3Z5CzNoYHELI0G0D_5GHGaPtQ5CCJTb62mTK3VMd3exyX8eBrPKHd5qCh7l7_PHteQIWrNneVZbgTLbuRyGaW1SKD_4HjyPTdrFKdOuGHsNf4FGkHuNTSROziPwF5VdEp4Nrn3PFUNmG1cBiJB8pEAW4lRhYdIg19Z34zvGqlOf4HhkhMjMLKhWGmiTq8-uPq3Z_SSzhYxriW27tO96Z7iFoyMwVz1D4UZ2gYYPhp4z2eq1cv9soLuLbXGMnfaAEmKpoUitmg8Mj-h9cnRk5OiwDmOJ_RP-yP-3qJ0PIyNA5guY_0Hl6eBvTq31jkh4Y96JmnK-Kp1kfczAC1wNnfzpQHDcfrdc6-cNWniTm3AN7qe73z_Lou610hv9biKRtarsRv261ZLx6fUpuLqYmvFWqDDFdZeeSElbp12lmeQQBtvfVgGFUIdbU5DHXMEW0fWPl9BiS8gPQ0uul_RLTzk7c_OyPNisGHuF7OMhk06hQ317u4Uyys2ZsiLbiq90AstjIowtwQASlGzHMcvwEJhzfr4-JvtsCwS3YnlWLkVG9ICHPFKAgF89lvZWHConmCHPlyvPTyuP9AXPXYVE9YwrrJLttciz3ync2rWwQqSA1BHmRboqyk7vv9ODgEYl2_jGzTgFPUYYZcjnEWztXXqQZGt6Er9J2z7ii7D-TH1Ih0yRYfaF4uTFZgJhF-kkM1TyWCsKgFkPwf0do-UaO699PCDPWbnyvWds_K3YojHPbI5EwY4L-FOI-nGgSgFzfys2QQj19GqGikZuKTX7Ou4rOchSkvC88ao0nYk9l6QLHKviKm8zzv0gFDE4U3NnB_0zxwEn3qPLYj5TtxbyQMd3ePjYpRW5f9gnKohne_DjOpHykkMt0tHcxx8WbEo9rbAEgEhM6rwrnplH3NBW1_o0tKPszGEUtgtgkuqv66q5R1TKp2k41ZucUrvtOGQqrjh6immVymAPXI_mpgw5T7E5xactDFmwRFaM6cHglwQ5Z4yBSdBWPOwwStYWidPEL_nePBW7xbU8lfU9Trj2HIbrhcRNmCTOHbzwjzQkuSZ4g_qLLNdp5-COzfkdGGQDejXhrShUBuxH-phR_VT6MjLRURQjSBc170Pmq4cfnDf0cdyBS5IBUXg8qNzGtKpQcMPpLcB1HpyZTKqgxPX3Eo5k6xLFWcb5KLyR0Vd8yReczjSCFBbbRBe7YlSl_dLDoTp2-VojKtueS0xBVc75FbSfIkIxEIg&cid=CAASKORoXD7W722eRBqpNvmMftG5yZYEvOBEX8_Z5B8GfGUo7r5qJRrll18&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:29:42 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 44DA 27 KB
10 KB 117ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10536
x-xss-protection: 0
server: cafe
etag: 754631604453815386
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:32:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 44DA 41 KB
15 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 16:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:00:56 GMT

GET
DATA 200
OK truncated
/ Frame 44DA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bc9c4ddbb9605a6d98a540bf170ad6a0f5144c73071f3b6e53a1819134b4e50

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
218 B 56ms
56ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://vsim.ua
Date: Mon, 06 Jun 2022 07:36:01 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3090988726193369333/ Frame EBAD 3 KB
1 KB 131ms
49ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f44c8466422e9554ee8ec72cc2f063a79f7df4b9f15a87d47369860ce5deb72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1195
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 07:36:02 GMT
expires: Tue, 06 Jun 2023 07:36:02 GMT
last-modified: Thu, 26 May 2022 09:52:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 44DA 0
622 B 199ms
88ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxYvTw5U-d7VtGZEX86w5nFiMqixBJGEGXx7PYGmkowWJWaSrTBqFDYhYIg5njQoOAH1PucoPBvM3YmQ0Zmc0SQN7F5Si1Ry5uTCtZyrRQeopvyBImDVG7H8zySNQLSAtUS3ld20yLjAKOxetgbnkMv6FbmPIVcxUiLXAtS6yEMyDFmzbVAcIOz4fcGjmsLb-kC3zIlBln4OO8ud_yxqoK_d3DLCqGx4-6TXymrNcBw2BUhim230mvhRYdl83P5QAu0jk7yt5g4uJ429eIHWwy8g2ijrVu59UrjqT3CQzASJqHDx38O_iJe9HqCtJuQO5V5-wUExisVVFJ37EiOzoeuniwV7tiSgXK-_aqUAnY9WHcZGRZiEtA5OonVU1fV0eJT172_E4AC4GgTM7WDS_N16FIyJbGgvtSA4IpNUUDcEkK6NJdLxAN06jdpbp_7_2ofFAEjKLOkucBD_vEnd0Ff0kKcA_72jnyPl4pEhg9xQKHd3Prgek6l-GKhFT_CjUgeQxpkIvCS9qb3UN89P6UeTg8Ldc42p3wkHKEygmVgcnGz5ZOEbEl_NKrg9OnKuZc9kJffFOEOpusPznQ-ns46jQ2H_0LNuFiuU0vBgIVjIuw6WWZNOrAAizKXW-Xgww3DfR4VnNnImNiAO5HPSe1wuprqLlujgmSrfKdC2ywBRT7m-3eqduVCgRzdyRMZFtYcrflrF1KNNMwZQOaAZNhpidLDwLHt1GDb8F0Z5lXVzO0Gjz51hg8Gw79NmhVXSRzR1drCGee_iwMEXNJboyxRod3wMfXYkROOJV5vzflKanS7_e0t3ObaTmjGLykjGAvJEPkm7LTsbnFTInQ339kkcTskFCHJlT3vP4tF-2siAmG-NceUvQv0oRhPn4aoprF91M5pgZTF86MjF97QdZomJjbPpuv0hgmsXra0FQ19Dz9Rreji5RuxjUqPCpavqR-kcD_6-tJf_gev-Rj9zYYD8kySqlQz8J2WVhKiluu_vE8CRRgIstdH_pI-PJFr2stndUaf9ZVDuQhTF2JydS1Ybd8fy-1rWXYeGRLkJvNQ3pOcml-ne0ocdgXYEcobqZjMRHqnUKh2tup7KxHbotX4IkQxNGIxV7WogDwQ2GnoKF_Qc_CjfMdAWFWloQsu1Bg7A&sai=AMfl-YScBqQsejaOFoz0bWt4uCQdCiCywqheh4JovLXIL4mTq_5Q1VOWNnw1cV0QhzrEnu03BtTtU-yFLYJU9NBazWncIKvDaA8Vs-E7ertMQDK68pLk60ANOmYF2bbPPa8fOASQiC4UlgnxvDHv6weWV0y5SFQOdRmUi2eGXYpVpxZkvGyxnF1XguRuskA2HECJIts9RhbmzxArwEd3LHKtE9aJT8Y6I8pmTA&sig=Cg0ArKJSzAYInkOWCteFEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=224&cbvp=1&cstd=220&cisv=r20220601.28935&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 06 Jun 2022 07:36:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1C4B 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 56105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Jun 2022 16:00:57 GMT
expires: Mon, 05 Jun 2023 16:00:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C4B 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 20:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 20:22:59 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame EBAD 118 KB
40 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Jun 2022 22:04:55 GMT

GET
H3 200 loader.gif
s0.2mdn.net/sadbundle/3090988726193369333/ Frame EBAD 21 KB
21 KB 69ms
68ms Image
image/gif 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3090988726193369333/loader.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265e77771216422546e58de6047cc2984f4a92d877b54d0d4fdcc3fa51f22e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:41:31 GMT
x-content-type-options: nosniff
age: 406471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21225
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:52:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 14:41:31 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame EBAD 112 KB
38 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Jun 2022 07:36:02 GMT

GET
H3 200 timelinelite_1.19.1_e83510db25edfef4cf190ed4e5348d58_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame EBAD 12 KB
4 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/timelinelite_1.19.1_e83510db25edfef4cf190ed4e5348d58_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9db45c7b730f0490aec270afd438e929bdc824fb5e21ce44982453cc03a542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4239
x-xss-protection: 0
last-modified: Tue, 20 Jun 2017 21:14:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Jun 2022 07:36:02 GMT

GET
H3 200 tweenlite_1.19.1_9fecaf2f68ee2520ddaa79e268d743a6_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame EBAD 27 KB
10 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenlite_1.19.1_9fecaf2f68ee2520ddaa79e268d743a6_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63b5f5e75af64e4f7f37759cc56d6a427fe98443c9f6663cb8ec6a688e00596e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9861
x-xss-protection: 0
last-modified: Tue, 20 Jun 2017 21:14:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Jun 2022 07:36:02 GMT

GET
H3 200 cssplugin_1.19.1_3e055071719ea45b6807509f844b72d9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame EBAD 41 KB
16 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/cssplugin_1.19.1_3e055071719ea45b6807509f844b72d9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88d3ca80b7507885eececa9eb48c0d5c22c3d59487036dd4d9917cd65215335a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16483
x-xss-protection: 0
last-modified: Tue, 20 Jun 2017 21:15:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Jun 2022 07:36:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C4B 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgmtzYq6dYqXJC6_P7_UPy8qC2A8AAAAAOAHgBAI&bg=!7O-l76vNAAao8wy8iPM7ACkAdvg8WkM2iyJc-5UpRVX2Gv8EmnOus_E6xF7LCt07FixXyoFDaA3QrQIAAABTUgAAAAJoAQeZAuDLVnyOX2UJ0bHxPRbQQV3I32RaR5HisDX8Jk2GIys0aY1jqQiuDi6Kxbp2SKvyFu00B0_mkkF3kSFYev8b4AJgFhXZ1R5-tODVCUf4eikQUW5XlXnTF5CAmz4UzgN9IsJaWprbiWkBAlmFoAqRZG2GOYphRqNbXkD2YPnQH8qLxV-rIQzLF9EqRucMlZgAYIigDKI1xkNJPoS8qcZni2qPPlfC5ztE1H7F48wJTjppEGiqkYSDYC77B8J5mEuYXYeePyKbNnaR5RjxfaRt4o5pcG1biWkll7rQO7sUnAwJzXU8wbuUcra_vDYnoY7saWWbuvdi6nqSonOthZFjH5zzSg5VZz3AXXyL7ejcPLBBenjwoc_EpaJSmzsdl3IjzsDvwkfoHyoXeiD_N5zTS5ezDJo18y708YR9kAvzowYXDQUcZX8LZr0BCTk9-_KkaoPgpCqPi9tsbksYG-zaaw-RIoaSOZHpr-5B6QFjzNp5v-y5RNZSQxRuo8gXObUnZk8I9SiHdTYw9eqotci-3_Fl-OPdmpMAKtRf5nnWJ1TOF8gHJUarMizt3c0Syw1OAZNtjMV4tIjBjIBjdH0j-VhfLiOCwiHKq_H-h5c8774K7vdpSx6M_ZB2_w44DwrWtK5qXcNVTt6-66G7VGumwE402WMkYx56afT7dpsdGoKNutUB4SNHQ88UhSdP8EkaHSP0tAPUmqEtBSg9d1bmmu8Ir2_QpFibL5EwijR-aZtvjVwNlyYa_FRVCm1EUc6SSNVpTPG9xfKu8LjRnMgw4Tv5D6XDn5XVy7L_l0fN2Ju3FODQurs5yhpwaKqxQXhVTpollsqJtBzYELaMcKaydjsBimqiJjerKhR3fOuFUsCTTpzcIWgmQOAres_kJJoSHedKLmnnfgvAgMHFcEZBKoa0Bf7twV-lnBAVVIBWCjpM4WyvCpAkMtG8oA3uuWuQywKB-sX72pdWTuFayEZSrJ0k

Requested by

Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CAB 0
0 78ms
77ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMfBP3JuORCE5Evqs-pFhTA-8VfmsYyhOTOHfqfSvRoX51qI30AEFLHVeTUDAxdyaM7rJmE5IsIWckUqOlR93s16A5rNajhcR-6ry4NEobkIkp8FLJgPm7T-bE-xzNf_LB67Thsll6GmjSItd1u98En95Kub1bNoPNzde7Dp_AeANCQ6Qo6nSeMjcZLwRwKlITIBN-pNUoSzFqHT7R1mLZt6Me_vc6-wHkLIQE8WizOXVR-fdZ6SZCGiFeLKp0Oz4nAGm2k_88aGJ5ZmCuNzNr7_IIP9vsYZmqbPOPP9qIaO_tuh2XbSGV2w&sig=Cg0ArKJSzHB-O-kIjEXTEAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 8CAB 21 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:35:52 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 8CAB 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:12:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CAB 138 KB
42 KB 195ms
112ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 07:36:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8CAB 0
0 137ms
48ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTF6J-PHdco11J3D0--k2myoJRKXVcxl2svgLI2xgUsZ5u7NHCrfzThC_tEtsi_JYDqNbR_exjiULx0FmtxIFMYapFGjA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 859759856455590663
tpc.googlesyndication.com/simgad/ Frame 8CAB 169 KB
169 KB 42ms
42ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/859759856455590663

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7ad3c2d59cc282c7754d022cebe5b79f2cbada73a898bdeb82ced6cb6f55cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 17:19:24 GMT
x-content-type-options: nosniff
age: 310598
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 173471
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 15:57:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Jun 2023 17:19:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 94FB 0
0 78ms
78ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxklCizQ2ajEl9_N2sEwdywESFnGMQOMJXD2rBmkSV5SJcmiFPRVCEhJNV8Iqe8rYyVO-F6WmtFdEry3Uj41Fqb-RHEwVGgt6Bo9NPnmA0u3rFe0I5Sfxbc-HzG-lWtrdupIJ-S49ab_p0NbSwVMmL0IX3TPSywHVbMiiDMb4Qj_0iTimUF0nzCzts7H2U3MtgRmyy5OF0qj4y6IJrJ0_oQ4rlMj44fsOH-2ldRVMgk3pxaO2X1Tf6-ewkovjK3bVuHrKBpOOq9CHuvfxF7hYypjU9k8q-UF5bZFy0Qp3fEEykkDmku-4wcysfzwAxaClcr4fqfI3O&sig=Cg0ArKJSzNSEGIzGvoy3EAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 94FB 21 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:35:52 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 94FB 3 KB
1 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:12:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94FB 138 KB
42 KB 172ms
97ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 07:36:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 94FB 0
0 130ms
48ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqszJTXbexzw0mGKp_vQFiiglSP0IiV0envQjGb0djQ0ClFpqOjW1trDglFQ87lIxZQdarzuuUG7aHPE8YQWlQQKDClw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 18305183878030641401
tpc.googlesyndication.com/simgad/ Frame 94FB 121 KB
121 KB 70ms
70ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18305183878030641401

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c15f5f04898ca5b730a4ed317c0a89ef9e81e585f380d8a8e133c69713d1f305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:48:05 GMT
x-content-type-options: nosniff
age: 589677
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124192
x-xss-protection: 0
last-modified: Thu, 19 May 2022 08:34:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 May 2023 11:48:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 00B8 0
0 77ms
77ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdhbQv26XGEUsd86sDtsa85WXv70QR88LoluS5nioNIKdBDHrFDRfmOAOMdLydPV2hMja5JIxeQUb2ibsVfCKU8z53vrLGBN-fdsk0loN-CQGDwfyrk3u4mvZlTAX6nfPIa8a6f_DTIwJwB-mVCGUvK70iB9pL3yOvgLwnvZuCnQjnycUd58xac3Qf-JW9fWD-dJzyFhlOpURmwhfeCUh9CKT4piBwbdlNspcIjUyGzHdci-AEjOMI-kzL0ysUASJdt_IPdPEPd3hnMbqnjgIXiMlcctdYtBmLiI4-3hu5YgmG6ZHvHdwgxikU0eUrXHJbxAfTozQQkA&sig=Cg0ArKJSzDGuLaF5Wg9pEAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 00B8 21 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:35:52 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 00B8 3 KB
1 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:12:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00B8 138 KB
42 KB 133ms
64ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 07:36:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 00B8 0
0 123ms
47ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbmYXETA18yZKRWEw9lUOKrqMHgEu7yCMxy1_42F25OKkNAX1EoFYLWi-Vs-NAhqHsus2mF6jj5GJtjO99CdYze_pgGA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 193391099421050972
tpc.googlesyndication.com/simgad/ Frame 00B8 233 KB
233 KB 80ms
80ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/193391099421050972

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36952d80d813df09645071434df00d5d705d27061a62a957ec30c0f35c3aa2cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 31 May 2022 10:16:10 GMT
x-content-type-options: nosniff
age: 508792
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238452
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 12:15:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 May 2023 10:16:10 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 44DA 0
26 B 160ms
78ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxYvTw5U-d7VtGZEX86w5nFiMqixBJGEGXx7PYGmkowWJWaSrTBqFDYhYIg5njQoOAH1PucoPBvM3YmQ0Zmc0SQN7F5Si1Ry5uTCtZyrRQeopvyBImDVG7H8zySNQLSAtUS3ld20yLjAKOxetgbnkMv6FbmPIVcxUiLXAtS6yEMyDFmzbVAcIOz4fcGjmsLb-kC3zIlBln4OO8ud_yxqoK_d3DLCqGx4-6TXymrNcBw2BUhim230mvhRYdl83P5QAu0jk7yt5g4uJ429eIHWwy8g2ijrVu59UrjqT3CQzASJqHDx38O_iJe9HqCtJuQO5V5-wUExisVVFJ37EiOzoeuniwV7tiSgXK-_aqUAnY9WHcZGRZiEtA5OonVU1fV0eJT172_E4AC4GgTM7WDS_N16FIyJbGgvtSA4IpNUUDcEkK6NJdLxAN06jdpbp_7_2ofFAEjKLOkucBD_vEnd0Ff0kKcA_72jnyPl4pEhg9xQKHd3Prgek6l-GKhFT_CjUgeQxpkIvCS9qb3UN89P6UeTg8Ldc42p3wkHKEygmVgcnGz5ZOEbEl_NKrg9OnKuZc9kJffFOEOpusPznQ-ns46jQ2H_0LNuFiuU0vBgIVjIuw6WWZNOrAAizKXW-Xgww3DfR4VnNnImNiAO5HPSe1wuprqLlujgmSrfKdC2ywBRT7m-3eqduVCgRzdyRMZFtYcrflrF1KNNMwZQOaAZNhpidLDwLHt1GDb8F0Z5lXVzO0Gjz51hg8Gw79NmhVXSRzR1drCGee_iwMEXNJboyxRod3wMfXYkROOJV5vzflKanS7_e0t3ObaTmjGLykjGAvJEPkm7LTsbnFTInQ339kkcTskFCHJlT3vP4tF-2siAmG-NceUvQv0oRhPn4aoprF91M5pgZTF86MjF97QdZomJjbPpuv0hgmsXra0FQ19Dz9Rreji5RuxjUqPCpavqR-kcD_6-tJf_gev-Rj9zYYD8kySqlQz8J2WVhKiluu_vE8CRRgIstdH_pI-PJFr2stndUaf9ZVDuQhTF2JydS1Ybd8fy-1rWXYeGRLkJvNQ3pOcml-ne0ocdgXYEcobqZjMRHqnUKh2tup7KxHbotX4IkQxNGIxV7WogDwQ2GnoKF_Qc_CjfMdAWFWloQsu1Bg7A&sai=AMfl-YScBqQsejaOFoz0bWt4uCQdCiCywqheh4JovLXIL4mTq_5Q1VOWNnw1cV0QhzrEnu03BtTtU-yFLYJU9NBazWncIKvDaA8Vs-E7ertMQDK68pLk60ANOmYF2bbPPa8fOASQiC4UlgnxvDHv6weWV0y5SFQOdRmUi2eGXYpVpxZkvGyxnF1XguRuskA2HECJIts9RhbmzxArwEd3LHKtE9aJT8Y6I8pmTA&sig=Cg0ArKJSzAYInkOWCteFEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=548&vt=11&dtpt=324&dett=3&cstd=220&cisv=r20220601.28935&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EBAD 7 KB
5 KB 133ms
51ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37612b6fdc4819f00ab17296001d27bc88c0961c79168ce425fb5bb46176fefe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5570
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EBAD 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 07:36:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 00B8 0
0 77ms
76ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdjZYTmeEER_-zJLXjuE6pczsPTTvQN3x9oFqSymxZYcNOZypgxW6HgQvKfxcnmrl8QzROriNmocK8Ll0CxJIOCc1Wwitf2r3bG5QOEGzNwy87c8nP79r57oXvGAwl4mE7qvL2P0Oxmx-CxLoh9WQeCuMyNx7qaiR8-PsW-w1j8NlP6tDfCLEQUmIl6myXZj654PsPIK6cR_xRYdmZz2GLiqNgYZ5oqKrV1X60Pjvtme4X123RVDtmzNhbb5KMz_RDxJIi-a1tuspaxIul5y3hUWwbNfy7_I7RsNGO0QoMqvAfOi7uaByrBxoCDA&sig=Cg0ArKJSzPSFmpXwnpIAEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 06 Jun 2022 07:36:03 GMT

GET
DATA 200
OK truncated
/ Frame 00B8 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a9fbf975e9f5acef28f5bd9709384c92278d073d5774876b48c59f70bb44f81

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 94FB 0
0 76ms
76ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutBaBrm5d_62MfpfxD4yS0LzAnawxvtUk6VaJUZLaUOh9qZu9DumRFAtJRHdufdr9yFfxLM0bC5MHXr4IR2pT5UwagSDWA0GRCqsHWPQWz56Qo-g4V3D9ESea0j28rZWG4tBF7jcnM2jmWGK0DCWCajKj7QkpK5FO4OIhTg-7R94cf1uXEKdr04HgGI7HKZjksq2RYcVKkoDl-Dpr4evlebdnJiFRLQR6raoFvzZ_0DtQW0g-9s1RaFNtjI6IP5PPgB0Dg_wjAqLKNjDciI4knOD0RFNcsCVrS3OVSJto_LKNlEsKDr458npIR&sig=Cg0ArKJSzIVIsjQrFSPlEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 06 Jun 2022 07:36:03 GMT

GET
DATA 200
OK truncated
/ Frame 94FB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdd6878f3347067c6e4b2589ee2890a71e0198c32640db476a33de0b2924e840

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CAB 0
0 76ms
76ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgN6KY1M1KlGJby68VJvcqzaUbla_AY5riE7XMOb76dirip0805skZJLankOs2ZJeVDkMBrwEeEmJhVBAZEfNsDA-31gjPKLCy-10mozuuYU-S5Wpm7EEXT_eSBf87ABFoVUXi1mhCDEhHBV7uHF4f4UnHO7Oii75W5IizP-CG1italdkQtQv2E0tOTds25lEQXid6vWkw-wRx0Gb5N429IJTjS9mFAZAXp4XC33sSAnnvA4KCSnlo_LRm8XsSN19MZ4rgz2CHPdCAe18OxVrT2MJ96xrDY3emwJgiyt0BJQh2tBNrtyrB4Ws6&sig=Cg0ArKJSzOdGo5BK81U9EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 06 Jun 2022 07:36:03 GMT

GET
DATA 200
OK truncated
/ Frame 8CAB 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b30f5ea6ec7137952608d9d6c71956306e9b32603efcac10e1ec913899ea6e45

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame C7FB 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 20:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 20:22:59 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 44DA
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1056993/63470348/4.js?adContainerId=brand_safety_Yq6dYqXJC6_P7_UPy8qC2A8&cbFunctionName=goog_wrapCb_Yq6dYqXJC6_P7_UPy8qC2A8&true_pb=&adsafe_pb=https%3A%2F%2Fst...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_Yq6dYqXJC6_P7_UPy8qC2A8&cbFunctionName=goog_wrapCb_Yq6dYqXJC6_P7_UPy8qC2A8&true_pb=

1 KB
1 KB

40ms
40ms

Script
application/javascript

2600:9000:214f:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_Yq6dYqXJC6_P7_UPy8qC2A8&cbFunctionName=goog_wrapCb_Yq6dYqXJC6_P7_UPy8qC2A8&true_pb=
Requested by: Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 16:32:51 GMT
content-encoding: gzip
age: 226993
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Fri, 03 Jun 2022 16:32:41 GMT
server: AmazonS3
etag: W/"96e16e7453ae2e6952bc6d2a20ea29f7"
vary: Accept-Encoding
x-amz-version-id: h_bdZpZq_e3ATW5aJ66RN5rGh_UpsyXf
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: MR0K4PwfJlyFVEA7qNsWFQCq45ce6eGjdF9LqiF6UjziX6rdSokoEA==

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:03 GMT
x-server-name: app04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_Yq6dYqXJC6_P7_UPy8qC2A8&cbFunctionName=goog_wrapCb_Yq6dYqXJC6_P7_UPy8qC2A8&true_pb=
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame E810 80 KB
21 KB 149ms
45ms Script
application/javascript 2600:9000:214f:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:32:42 GMT
content-encoding: gzip
age: 5375002
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: 97TFpUmDRg0JIfLtqZXrRExocxhSIAf8q2c9YiNT-CxOmJHPry4BnQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
216 B 591ms
186ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0NZC,pingTime:-3,time:39,type:v,im:%7BpBlk:34%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:39,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:03 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
215 B 590ms
188ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0NZD,pingTime:-6,time:40,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:vsim.ua*&br=c
Requested by: Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:03 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
215 B 590ms
189ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0NZF,pingTime:-2,time:42,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:378,mdZ:1307,beA:1310,beZ:1312,mfA:1314,cmA:1315,inA:1316,inZ:1320,prA:1320,prZ:1323,si:1327,poA:1328,bl:1344,poZ:1344,cmZ:1344,mfZ:1344,loA:1350,loZ:1351,ltA:1352,ltZ:1353%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:24,readyFired:true%7D&br=c
Requested by: Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:03 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
215 B 722ms
370ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0O0r,time:90,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:91,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:03 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44DA 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEr-X3DM3YnpUNYZmsmKePdSkOlMYEaLp-QTWPaB2zjCAS_a-jzeuvm-pWQz25YukBY8RNbcQw4gBO9RON7HW6DD-8Mpa7cDa5R1vrb2QQaJfB2zYIYdstp__MYCQr_OcJ3HVs&sai=AMfl-YSq97m7dxg1s1h1QMo4oypt7VWnyEF7lwgFGcao7sKtd-0FdV6qs-zR75GKumqMdjN4deJUMXcwFTsqrMBqlPF1pw-1Q2rUbb8dprFxeKkrL9C6qHS1-R1ceRdWFoNu&sig=Cg0ArKJSzCW5uFPgwKpzEAE&cid=CAASKORoXD7W722eRBqpNvmMftG5yZYEvOBEX8_Z5B8GfGUo7r5qJRrll18&id=lidar2&mcvt=1001&p=228,1092,478,1392&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=978356717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654500961931&rpt=537&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
215 B 347ms
187ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0O3y,time:283,type:e,im:%7Bimprf:%7Bttecl:1186,ecd:235,tsecr:2%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:283,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B277~0%5D,as:%5B277~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:03 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
215 B 336ms
336ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0O6F,pingTime:-10,time:476,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1654500963717%7C%7Cd349d8f0f700771cfa55f706467778d7%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C486fc7616be028a1989dc41f41f5ccf5%7C%7Cf616139e5bd0c2217f62776b3a0216cb%7C%7C3d8be76553a6e1f13e2d35f851639e9e%7C%7Cbcfc1fc884c9145578f891e3141a1029%7C%7Cec1514fb3fbe1bdfe3d746821399e351%7C%7C1629390669%7D
Requested by: Host: 20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
URL: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:03 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/3090988726193369333/ Frame EBAD 10 KB
2 KB 42ms
41ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3090988726193369333/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29de92f070bdebcd75cdf67750c45dac4b7b85c1cfdcc6c62b14346ea9a88637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406470
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:52:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 14:41:34 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/3090988726193369333/ Frame EBAD 2 KB
608 B 42ms
42ms Stylesheet
text/css 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3090988726193369333/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cc390cb5e0242d80b53cae124189e4cd943941192d660abedcc6a6fadfc8d7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406470
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 579
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:52:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 14:41:34 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
215 B 186ms
186ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0OcF,time:848,type:e,im:%7Bpci:%7Btdr:804%7D,pLoad:817%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:848,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B841~0%5D,as:%5B841~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:339,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:04 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CAB 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubdD6M2UvNSoQ3jMswnOHupovI8z9qt06-iQdOLvadDQquB-nWpB94KSvPZFgdz3efuZrThF707I7WKjav1YTyzuwyinlZi1FrsK8wUkNgsxPJE1VX&sig=Cg0ArKJSzDjMdD38mGxzEAE&id=lidar2&mcvt=1000&p=931,204,1181,1404&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220601&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=3&adk=2483578089&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654500962822&rpt=272&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 23445842_20220519021713123_CPW_by_Currys-logo-300x250.png
s0.2mdn.net/ads/richmedia/studio/23445842/ Frame EBAD 10 KB
10 KB 61ms
61ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23445842/23445842_20220519021713123_CPW_by_Currys-logo-300x250.png

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8b160e6009bd4b3728c5550dba8fc8588492d12e2ab6c825c71fb8f5656c530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 12:26:37 GMT
x-content-type-options: nosniff
age: 68967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Thu, 19 May 2022 09:17:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Jun 2022 12:26:37 GMT

GET
H3 200 23445842_20190711084754456_blank_pixel.png
s0.2mdn.net/ads/richmedia/studio/23445842/ Frame EBAD 68 B
94 B 61ms
60ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23445842/23445842_20190711084754456_blank_pixel.png

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 13:19:15 GMT
x-content-type-options: nosniff
age: 65809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Thu, 11 Jul 2019 15:47:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Jun 2022 13:19:15 GMT

GET
H3 200 23445842_20220519021729000_CTA-CPW-ShopNow-300x250.png
s0.2mdn.net/ads/richmedia/studio/23445842/ Frame EBAD 4 KB
5 KB 59ms
58ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23445842/23445842_20220519021729000_CTA-CPW-ShopNow-300x250.png

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60c34c137e7ba26887d4116f993e820cb6f5ecc7425ac9128e14d9a06e661547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 12:26:37 GMT
x-content-type-options: nosniff
age: 68967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4596
x-xss-protection: 0
last-modified: Thu, 19 May 2022 09:17:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Jun 2022 12:26:37 GMT

GET
H3 200 23445842_20220519021801950_Product-GooglePixel6-CPW-300x250.png
s0.2mdn.net/ads/richmedia/studio/23445842/ Frame EBAD 83 KB
83 KB 44ms
43ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23445842/23445842_20220519021801950_Product-GooglePixel6-CPW-300x250.png

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826def941d36b1a17057b35cea275660cbdc8d2df162fa346c3d0845b325da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 14:02:59 GMT
x-content-type-options: nosniff
age: 63185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85364
x-xss-protection: 0
last-modified: Thu, 19 May 2022 09:18:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Jun 2022 14:02:59 GMT

GET
H3 200 23445842_20220520032044378_Background-CPW-300x250.jpg
s0.2mdn.net/ads/richmedia/studio/23445842/ Frame EBAD 14 KB
14 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23445842/23445842_20220520032044378_Background-CPW-300x250.jpg

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d318beabbc802d67559eafb99e67ceebd9ab42bcf804c25e73a6149451e62a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/index.html?e=69&leftOffset=0&topOffset=0&c=Ik30TBPrS8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 12:26:37 GMT
x-content-type-options: nosniff
age: 68967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14748
x-xss-protection: 0
last-modified: Fri, 20 May 2022 10:20:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Jun 2022 12:26:37 GMT

GET
H3 200 CPWTrade.woff2
s0.2mdn.net/sadbundle/3090988726193369333/fonts/ Frame EBAD 9 KB
9 KB 47ms
46ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3090988726193369333/fonts/CPWTrade.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3090988726193369333/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b33d509ebbd6caf3998881f0c26a2687d4adc0a10ef94c9a8ecb5aaca953d742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:41:37 GMT
x-content-type-options: nosniff
age: 406467
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8924
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:52:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 14:41:37 GMT

GET
H3 200 TradeGothicLTStd-BdCn20.woff2
s0.2mdn.net/sadbundle/3090988726193369333/fonts/ Frame EBAD 12 KB
12 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3090988726193369333/fonts/TradeGothicLTStd-BdCn20.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3090988726193369333/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b088ba66a204efdde8bd03eb975f293158a414d0ae0e15ad3523c441dff39ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:41:37 GMT
x-content-type-options: nosniff
age: 406467
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:52:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 14:41:37 GMT

GET
H3 200 TradeGothicLTStd-Cn18.woff2
s0.2mdn.net/sadbundle/3090988726193369333/fonts/ Frame EBAD 12 KB
12 KB 49ms
49ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3090988726193369333/fonts/TradeGothicLTStd-Cn18.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3090988726193369333/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41397b74af89d0ff5319009524366a340ab81a48fc8105f125bee1d022d3ea1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3090988726193369333/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:41:37 GMT
x-content-type-options: nosniff
age: 406467
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12608
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:52:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 14:41:37 GMT

GET
H2 200 bg-img--small.jpg
vsim.ua/bundles/twentyminutuamain/img/ 5 KB
6 KB 96ms
95ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/bg-img--small.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?fce4cf93
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?fce4cf93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:04 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-1580"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5504
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 check Show response
vsim.ua/site_login/login/ 20 B
145 B 449ms
448ms XHR
application/json 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/login/check
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?fce4cf93
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9

Request headers

Accept: */*
Referer: https://vsim.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
cache-control: no-cache, private
server: nginx
content-type: application/json
x-dev: Desktop
x-cache: BYPASS
x-stat: 1

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 77ms
77ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:04 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 77ms
77ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?fce4cf93
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:04 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 login_button.php Show response
www.facebook.com/v12.0/plugins/ Frame 558B 32 KB
12 KB 253ms
253ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e2b5a6b4a8908%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff256a3e11ce712%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=91fb160de016ac34139148f976d10216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8df44c3f98ff7c3767ee829ca730212c9c2f165f5e20e87251e182ecd0ee64ad

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Mon, 06 Jun 2022 07:36:05 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: P/oH9mTIIx2e2g3dzTP2MbX+xptvCe/zknJsCpokMwgcMzG1nKpvG7nVIfqL7F9p6lS/5xjyXB1WOmrAgyHkOw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 207ms
121ms Stylesheet
text/css 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-qeNjIP2ThyhPiEc8ghiuTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-qeNjIP2ThyhPiEc8ghiuTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 06 Jun 2022 07:36:05 GMT

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 37ms
36ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:28 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 40ms
39ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 d7f79173da5b3c84e419ee466efeef0bec49a53c.webp
vsim.ua/img/cache/news_rtp_small/news/0027/69/ 24 KB
24 KB 171ms
168ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/69/d7f79173da5b3c84e419ee466efeef0bec49a53c.webp?hash=2022-06-05-14-59-50
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: f91a9684d9bbdc6d15ee762557d937a00b502b497016ba6cc02875f608e895ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Sun, 05 Jun 2022 14:43:58 GMT
server: nginx
accept-ranges: bytes
etag: "629cc12e-6120"
content-length: 24864
content-type: image/webp

GET
H2 200 0ad99791eaf986e62aecea4db8e01b5ee4257666.webp
vsim.ua/img/cache/news_rtp_small/news/0027/68/ 19 KB
19 KB 247ms
245ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/68/0ad99791eaf986e62aecea4db8e01b5ee4257666.webp?hash=2022-06-03-18-19-04
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 7a9f81312406409cfa15f08b72d6f1c7cfa0c9884506faec7a605cb9588dc836

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Sun, 05 Jun 2022 08:43:19 GMT
server: nginx
accept-ranges: bytes
etag: "629c6ca7-4b20"
content-length: 19232
content-type: image/webp

GET
H2 200 51d176bdfd876d0c75cf435ecdd0048073635761.webp
vsim.ua/img/cache/news_rtp_small/news/0027/69/ 24 KB
25 KB 323ms
321ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/69/51d176bdfd876d0c75cf435ecdd0048073635761.webp?hash=2022-06-05-13-19-12
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 6a826632ec60bc9067465bf3bbe48835293f8c70325c6a4fb0b9b9c65bcece31

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Sun, 05 Jun 2022 14:43:58 GMT
server: nginx
accept-ranges: bytes
etag: "629cc12e-61f2"
content-length: 25074
content-type: image/webp

GET
H2 200 df7844be0816ac746a7aa3c4fe87c9e7530c45b5.webp
vsim.ua/img/cache/news_rtp_small/news/0027/69/ 18 KB
18 KB 324ms
322ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/69/df7844be0816ac746a7aa3c4fe87c9e7530c45b5.webp?hash=2022-06-05-12-06-06
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 403cdb783548c6181ebe99496cc831338ca577a8d5d17601c42e47d961cbf6e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Sun, 05 Jun 2022 14:43:58 GMT
server: nginx
accept-ranges: bytes
etag: "629cc12e-4722"
content-length: 18210
content-type: image/webp

GET
H2 200 7a75bab32598e122373b81a341c563b5d6b234d5.webp
vsim.ua/img/cache/news_rtp_small/news/0027/68/ 21 KB
21 KB 324ms
322ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/68/7a75bab32598e122373b81a341c563b5d6b234d5.webp?hash=2022-06-04-10-20-06
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: bf7f4a41eb4a75331ad146cdf42933757d605eeafafd32b11e47bfcff8902827

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Sat, 04 Jun 2022 08:14:28 GMT
server: nginx
accept-ranges: bytes
etag: "629b1464-54e4"
content-length: 21732
content-type: image/webp

GET
H2 200 4c9ee3401d4bd754cb0dfe97e8754c9c7b750ea3.webp
vsim.ua/img/cache/news_rtp_small/news/0027/68/ 23 KB
23 KB 325ms
323ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/68/4c9ee3401d4bd754cb0dfe97e8754c9c7b750ea3.webp?hash=2022-06-03-14-09-50
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: ba5131e255c5b409d31bd2c0cf37dfb1312c7d6ee29cd79200c5625fef776fe5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Sat, 04 Jun 2022 12:45:08 GMT
server: nginx
accept-ranges: bytes
etag: "629b53d4-5b86"
content-length: 23430
content-type: image/webp

GET
H2 200 b5a7534f20eccc2ef62eff3572f3d3ea038c9176.webp
vsim.ua/img/cache/news_rtp_small/news/0027/67/ 25 KB
25 KB 399ms
398ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/67/b5a7534f20eccc2ef62eff3572f3d3ea038c9176.webp?hash=2022-06-03-13-04-39
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 5e2929c100ce6f2aad5910081adbf0dcea224868231c515ccef59522460995f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Sat, 04 Jun 2022 08:14:29 GMT
server: nginx
accept-ranges: bytes
etag: "629b1465-64f0"
content-length: 25840
content-type: image/webp

GET
H2 200 5c03e86b3df1e2014e0588dc1a847233211fce31.webp
vsim.ua/img/cache/news_rtp_small/news/0027/67/ 28 KB
28 KB 400ms
399ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/67/5c03e86b3df1e2014e0588dc1a847233211fce31.webp?hash=2022-06-03-11-04-41
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: d618859886a5ef4c219672c2f85ff15a6de98d7a43a372c36192014c33c554f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Fri, 03 Jun 2022 11:33:08 GMT
server: nginx
accept-ranges: bytes
etag: "6299f174-6ea0"
content-length: 28320
content-type: image/webp

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 178ms
59ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 06 Jun 2022 07:36:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1134
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=0dODeHwrQ0Y5bnB3WmxCQSt1Y1VKUFVHYUQ5THA1S1pKZHNQK2UwT0NqRitHOHNzUm0vSVBvSXpwcXVVNldOcG9aaVdGV0xlcVM1c3RTTW01VWl0K3NMbElmOGtmMlFOM2tuMk5uK3M4dTZYMlpNWXNIVllMS0NCdTBEMz...

320 B
595 B

104ms
36ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0dODeHwrQ0Y5bnB3WmxCQSt1Y1VKUFVHYUQ5THA1S1pKZHNQK2UwT0NqRitHOHNzUm0vSVBvSXpwcXVVNldOcG9aaVdGV0xlcVM1c3RTTW01VWl0K3NMbElmOGtmMlFOM2tuMk5uK3M4dTZYMlpNWXNIVllMS0NCdTBEMzE1dkNFTHIycC92UTc4MCtYVzBLMVBCRHp0a2tSTjRWRHRZKzdjeGZOVkNOYzlvU0I5aTlSVVJMNTJ3REtoWU5yZzFqRkhiZmttN0NsaFVOTTYyZDYraTYvNEVqbTZqNnlvTUJIQkwwN2VVZm52dzlFOWR3PXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

049957cff16b1386dc22e04996b6f5ff665cdc29aeb2a44f141dedfa025ef057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:04 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2815
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:04 GMT
location: https://mug.criteo.com/sid?cpp=0dODeHwrQ0Y5bnB3WmxCQSt1Y1VKUFVHYUQ5THA1S1pKZHNQK2UwT0NqRitHOHNzUm0vSVBvSXpwcXVVNldOcG9aaVdGV0xlcVM1c3RTTW01VWl0K3NMbElmOGtmMlFOM2tuMk5uK3M4dTZYMlpNWXNIVllMS0NCdTBEMzE1dkNFTHIycC92UTc4MCtYVzBLMVBCRHp0a2tSTjRWRHRZKzdjeGZOVkNOYzlvU0I5aTlSVVJMNTJ3REtoWU5yZzFqRkhiZmttN0NsaFVOTTYyZDYraTYvNEVqbTZqNnlvTUJIQkwwN2VVZm52dzlFOWR3PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1860
content-length: 482
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
614 B 135ms
42ms XHR
application/json 141.95.98.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459583/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.69 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216534.ip-141-95-98.eu

Software

Resource Hash

22423587267b0577013882d56cce283cb621cc557ecdb8fde0b43b0ff88ac86e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 06 Jun 2022 07:36:04 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 ps3LEjFUMch.png
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 558B 441 B
714 B 42ms
39ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/ps3LEjFUMch.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e2b5a6b4a8908%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff256a3e11ce712%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
x-content-type-options: nosniff
content-md5: bIdClDVUx2JypSkH1jl0jQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 441
x-fb-rlafr: 0
x-fb-debug: B19epHRg1o4xwLHW++IcyaVAGGOa2Y181l515/MreU59J4yUkXdgTTzYIwoDBUN7fXevjkXer8qIN4Otmaci7g==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 27 May 2023 23:40:00 GMT

GET
H2 200 sq780ZpfeGB.js Show response
static.xx.fbcdn.net/rsrc.php/v3ixCr4/yx/l/uk_UA/ Frame 558B 529 KB
139 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ixCr4/yx/l/uk_UA/sq780ZpfeGB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24f576b555b06d5f5efe788dc4a0056747fbd34499c9589284d288541aef1ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QMbTSQpwRwtMW09SCbqiLg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 142197
x-fb-rlafr: 0
x-fb-debug: pVs856uCLLIqfcQ0b+4wC5da24t5gADGU/7+JlrKkY9Bbd7uhaLUPFMAJiAO523vjIQXXWdZY/CjpwIL5oKROA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 03 Jun 2023 18:12:14 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
215 B 186ms
185ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0Ow3,pingTime:1,time:2050,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D,%7Bpiv:100,vs:i,r:,t:1049%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1049,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1042~0,1~100%5D,as:%5B1043~300.250%5D%7D%7D,%7Bsl:i,t:1049,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:217,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:05 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
215 B 188ms
187ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0Ow4,pingTime:1,time:2051,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D,%7Bpiv:100,vs:i,r:,t:1049%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1049,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1042~0,1~100%5D,as:%5B1043~300.250%5D%7D%7D,%7Bsl:i,t:1049,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:217,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:05 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
215 B 186ms
186ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0Ow4,pingTime:1,time:2051,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D,%7Bpiv:100,vs:i,r:,t:1049%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1049,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1042~0,1~100%5D,as:%5B1043~300.250%5D%7D%7D,%7Bsl:i,t:1049,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:217,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:publ1,cmr:t%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:05 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 cavalry_endpoint.php
www.facebook.com/platform/ Frame 558B 67 B
101 B 147ms
147ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/platform/cavalry_endpoint.php?t_cstart=1654500965235&t_start=1654500965235&t_domcontent=1654500965245&t_layout=1654500965352&t_onload=1654500965352&t_paint=1654500965352&t_creport=1654500965352&t_tti=1654500965245&lid=7106027537741404462-0

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e2b5a6b4a8908%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff256a3e11ce712%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: LuriIQPdUhsoJO4uMIWwYtQFE2MGJXWsNQn40KChCpzgIsFgYAE13kjR4p1isXtLt3YDYMTqzhhkyEPoKZGW0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Jun 2022 07:36:05 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 55ms
55ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022053101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b48c5d65580e265a6b2b0b03bb26697074692f3c16c5b66094c99cfa4571d76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10552
x-xss-protection: 0

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 87ms
87ms XHR
application/json 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=218226485810-uqk03eati6qp5glmb6e91f2u24152enh.apps.googleusercontent.com&as=cHK4Mw01JGAgL4PkRymeaA

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13d5d7d0b33a1ef123c2a1243ca9939db886f5ddbf2fc4ba92a08d2cb26e0f77

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BYKFqwlPIZ82qgy7C2zmiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BYKFqwlPIZ82qgy7C2zmiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 45ms
45ms Font
application/octet-stream 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:30 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 137ms
137ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?fce4cf93
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 40ms
40ms Font
application/octet-stream 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:30 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 07:36:05 GMT

GET
H2 200 362437226.jpeg
cdn.gravitec.net/images/users/1651162056492056576/ 4 KB
4 KB 35ms
34ms Image
image/jpeg 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1651162056492056576/362437226.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a7ba87ff08127253564f6d997be58f8e11109edf659f6677f6af8f8459a69d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 06 Jun 2022 07:36:05 GMT
last-modified: Wed, 05 Feb 2020 13:46:42 GMT
server: nginx
etag: "5e3ac742-e67"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3687
x-proxy-cache: HIT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 135ms
34ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 06 Jun 2022 07:36:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1003
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7E7E 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 39032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Jun 2022 20:45:33 GMT
expires: Mon, 05 Jun 2023 20:45:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0C03 783 B
533 B 133ms
50ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

97508c6bd47105ae0fc03e40986fc4416439a5073c8f69ce849ef98199d5dd97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1eIISXe2rDt_cI7aYnNwlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-1eIISXe2rDt_cI7aYnNwlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 07:36:05 GMT
expires: Mon, 06 Jun 2022 07:36:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E7E 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 20:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 20:22:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0C03 0
0 105ms
104ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022053101&jk=2194680601667314&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7E7E 0
9 B 40ms
39ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xSO41w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 07:36:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
92ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022053101&jk=2194680601667314&bg=!lJell9PNAAao8wy8iPM7ACkAdvg8WkY1kgNelfoTtAKTNoda63wLh3cmNBLQIKll5aJG62vICi-7zAIAAABUUgAAAANoAQcKAIys-CSVOCvJMcAeUsPd3t_yYfBfVrDFruaJjaCLp4YuTCMSEtkD8oy5XfGrFjd9Z4tqJ8eQmr4ewXyBVkSGF95t1TpYOURV3ng7ieTDGj5QduIACiDth1LLDaydbjNcrf06PEMgpbi9I6tOe9-TkwNtaU91DA5R394UwtKSYqFLB5EhHfOQBtRVDrjNHZkCo8LvnAMrU70WgoP2UsiFNLc1Jp0aWg2Y7fPR_pCTaXDYkTVcjmBVkueOLdUoBLQAfU2ZpLw6zliGW2VM40RCO7i3n_c4d2e0jEyaNlTOmYgd5EoKm9_uxXldtJsEFGzyHksibjVr0Ej0hKMbW9sC9ETI7UxS2M6UoEAV1IsResYRBHuo7tzRUYjcmdkohKrprmSemoBHASNF4itHCpS_XABu5wol_y7Dn0UxyIdVvjgfk9XVGFHklNbjvmB6tu8DvQuT1Fp4fb9IV_2tZQ6SIYpq4XDg6e_5h6BHOGgom3aQbdn4tljs6nTh7BWO6TyEgk7RI2eGJICfI5X5GCvu5uND5tEqGv2Cq1cCS8FQBQwo-9YpDwSdRXid-s6713rS48OfEokg8sbe4pESa_HB-_ItaZUzTGwwsiXOQ-JfG2UNqnfRDZGMsdMRaNYHQfAvVFJlPIAI0Q3dC-lnIXzstcjFMlESt8v2Xll4e4Tl9WLDBmyq4S1BbXkKUISvWg6RHXZxKLzyR4GyVOeWv0R7hraWC0rjOGfyd7tiFxodD4he1k1Ne_7phbH7n2aRvGdogKxNyIPC4o2lYiaPxKx2j7yRHjdwypKZ6_XO2zysUYbrYoNMSBWP8RfTXtNUkafOiW7Kbh-PuS1phsDA0N_Fi7H_bSUykNkBU8fJhELAewPnKybmEJJwgc94r7SLyTlLb48VtG0Atp_7n3bzMG5WIAuiLc3U56APe3vyA2e6qWomfTCSVMRiCLcJfXVFzdZsJd-HAg8KZtyWhWz26WllZMgp__F9OtLEv3i5WWrcRMp5-fxlnahdN2ZexlQ5Mfru0JaNt-UgGtIY3P4mqyt5TuOCn5xvXz6ktOOFmsGgdc0UHT5kCKIL2x4TUj_vNn-HTIbF6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
215 B 187ms
187ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0PyV,pingTime:5,time:6072,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D,%7Bpiv:100,vs:i,r:,t:1049%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5023,o:1049,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1042~0,1~100%5D,as:%5B1043~300.250%5D%7D%7D,%7Bsl:i,t:1049,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5022~100%5D,as:%5B5022~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:190,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:09 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 44DA 43 B
215 B 186ms
186ms Image
image/gif 2600:1f13:800:7780:3e5f:aebf:616:7e23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=5b21d688-a337-f073-7bf4-f0b0af3c085a&tv=%7Bc:eK0PyW,pingTime:5,time:6073,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D,%7Bpiv:100,vs:i,r:,t:1049%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5024,o:1049,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1042~0,1~100%5D,as:%5B1043~300.250%5D%7D%7D,%7Bsl:i,t:1049,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5023~100%5D,as:%5B5023~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:190,fm:t7XDqL7+11%7C12%7C13%7C14*.1056993-63470348%7C141%7C1421%7C143%7C15%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3e5f:aebf:616:7e23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 07:36:09 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vsim.ua/	1970-01-20 05:44:36	Name: _fbp Value: fb.1.1654500961087.397601653
vsim.ua/	1970-01-20 21:06:12	Name: GN_USER_ID_KEY Value: 4b0586d5-79eb-4ccd-9709-1d816924650b
vsim.ua/	1970-01-20 03:35:02	Name: GN_SESSION_ID_KEY Value: 53190a26-efdd-4bf1-bf5d-4beb7bc991bf
vsim.ua/	1970-01-20 03:35:01	Name: Value: undefined
.vsim.ua/	1970-01-20 03:35:04	Name: AMP_TOKEN Value: %24NOT_FOUND
.vsim.ua/	1970-01-20 03:36:27	Name: _gid Value: GA1.2.668947948.1654500961
.vsim.ua/	1970-01-20 03:35:01	Name: _gat Value: 1
vsim.ua/	1970-01-20 03:35:01	Name: browser_id Value: 4ebe576a-2b02-4fb8-9552-b0ab31c0efa9
vsim.ua/	1970-01-20 03:35:01	Name: remp_session_id Value: 74bfbd34-b272-4a4c-ae3a-caa772cf03d4
.facebook.com/	1970-01-20 05:44:36	Name: fr Value: 0C6hKXCOG4duW9sBa..Bina5h...1.0.Bina5h.
.vsim.ua/	1970-01-20 21:06:12	Name: _ga_0CS1NTGGLB Value: GS1.1.1654500961.1.0.1654500961.60
.vsim.ua/	1970-01-20 21:06:12	Name: _ga Value: GA1.1.316598117.1654500961
vsim.ua/	1970-01-20 04:18:12	Name: _pbjs_userid_consent_data Value: 3524755945110770
.vsim.ua/	1970-01-20 12:20:36	Name: _pubcid Value: 405cba69-954a-45f5-a625-9de6ab3dd9e4
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-22 16:54:12	Name: E Value: ABkjWKFnCTKFg45I
.adnxs.com/	1970-01-20 05:44:36	Name: icu Value: ChgI4axaEAoYASABKAEw4dz2lAY4AUABSAEQ4dz2lAYYAA..
.adnxs.com/	1970-01-20 05:44:36	Name: uuid2 Value: 8217507278004089506
a4p.adpartner.pro/	1970-01-20 05:01:24	Name: apuid Value: bad43652-5d83-43d9-a27d-7be8339908b6
.adnxs.com/	1970-01-20 05:44:36	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>4pQ+:f!]tbPl1M>e)ZlrFUfJ+tGXxouQi)vo^CVf.aTNwiL^OJ-?KlVcb#p*(mprZP3If)y3KL9D3I?+N+b%o'
.casalemedia.com/	1970-01-20 05:44:36	Name: CMPS Value: 707
.casalemedia.com/	1970-01-20 03:36:27	Name: CMST Value: Yp2uYmKdrmIA
.casalemedia.com/	1970-01-20 12:20:36	Name: CMID Value: Yp2uYnMRLKzAQ6uaUleImAAA
.casalemedia.com/	1970-01-20 05:44:36	Name: CMPRO Value: 1838
.casalemedia.com/	1970-01-20 12:20:36	Name: CMRUM3 Value: 2d629dae622760CAESEOurwY4bBeglBLQr8qr0Y1I
.doubleclick.net/	1970-01-20 12:56:36	Name: IDE Value: AHWqTUnSpmwrNcC5S2HAU0PcTYxLKKarVSgKHzxUOGc8elp6BBOqZiit9bgInGxnGGg
.vsim.ua/	1970-01-20 12:56:36	Name: __gads Value: ID=a0d3419ef24224b3:T=1654500961:S=ALNI_MaXofCJJB3mFdjW8aONbr1M-3VXyQ
.adtelligent.com/	1970-01-20 05:04:17	Name: vmuid Value: 4eb90a28786ab60a
.adtelligent.com/	1970-01-20 05:04:17	Name: a307558 Value: bad43652-5d83-43d9-a27d-7be8339908b6
vsim.ua/	1978-01-11 21:31:40	Name: subscriber_life Value: %7B%22order%22%3A%5B%22modal_mail%22%5D%2C%22modal_mail%22%3Afalse%7D
.vsim.ua/	1970-01-20 12:56:36	Name: cto_bundle Value: qlPwZV9NUGozMzFYJTJCRnNIRlhGamVlSHJNM2ZHU0xGQ1o2MlpMZzFReHd3ZyUyRmhzJTJGRUdSTFNyZGRGenFpcFZrNTVab0dTeUIxQUlGeWVvQkxJa0ROcHVDUmYlMkJ6Zm1HbkhBRUhCRlhsV0JidnFQNkpBJTNE
.vsim.ua/	1970-01-20 12:56:36	Name: cto_bidid Value: 9Y9H3F9FWG5ISlJHekNUcG1qRXlkcUoxTlRSUXZYRVRKbHYwZlBnMXV2RlIySjlnUFA3V0lWbnRibVVDeEUzNnZvQTJvbTkweSUyRnl1ZHJjTVlRbXE2cExzQllnJTNEJTNE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://leokross.com/vAW/aGeq.js Message: Failed to load resource: the server responded with a status of 504 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20a3807582357a4f3c51402fb3e0410d.safeframe.googlesyndication.com
a4p.adpartner.pro
accounts.google.com
adservice.google.co.uk
adservice.google.com
adtelligent-d.openx.net
ampcid.google.com
analytics.google.com
api.gravitec.media
cdn.gravitec.media
cdn.gravitec.net
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id5-sync.com
leokross.com
mug.criteo.com
pagead2.googlesyndication.com
pbjs.e-planning.net
player.adtelligent.com
prebid-eu.creativecdn.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.adtelligent.com
tpc.googlesyndication.com
tracker_beam.20minut.ua
unpkg.com
vsim.ua
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
141.95.98.69
142.250.185.162
172.217.18.2
178.250.2.146
185.184.8.90
185.33.220.240
204.237.133.116
216.58.212.162
23.32.59.34
23.35.236.247
2600:1f13:800:7780:3e5f:aebf:616:7e23
2600:9000:214f:c400:8:48e:53c0:93a1
2606:4700::6810:7caf
2a00:1450:4001:800::200e
2a00:1450:4001:801::2004
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:812::200d
2a00:1450:4001:827::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:400c:c1b::9d
2a02:2638:1::13
2a02:6ea0:c700::16
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a0c:5c81:5142::2
31.41.216.82
31.41.220.94
34.98.64.218
45.133.44.3
45.133.44.4
46.249.52.249
51.83.220.94
52.174.47.89
52.41.103.203
62.149.0.72
79.171.117.17
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
049957cff16b1386dc22e04996b6f5ff665cdc29aeb2a44f141dedfa025ef057
062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1183c2694c8d4a6eaaf6e8047c293b181703939ddc662c6685f172c1299c5da9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13d5d7d0b33a1ef123c2a1243ca9939db886f5ddbf2fc4ba92a08d2cb26e0f77
14e4699a9706867363ccdfcc60f64545b6529ff6eb4ce7b0072183b2acb20816
17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935
22423587267b0577013882d56cce283cb621cc557ecdb8fde0b43b0ff88ac86e
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
24f576b555b06d5f5efe788dc4a0056747fbd34499c9589284d288541aef1ae8
265e77771216422546e58de6047cc2984f4a92d877b54d0d4fdcc3fa51f22e7d
270afa1b13087c609baef1d8a4f7652ac5be30b175ff7f78822f8a2d9be5dee1
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29755c6f88c6d190e9753c95a9cfc6bf79c9485e701a74326dc2b2c3ccb8c8b7
29de92f070bdebcd75cdf67750c45dac4b7b85c1cfdcc6c62b14346ea9a88637
2b088ba66a204efdde8bd03eb975f293158a414d0ae0e15ad3523c441dff39ea
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a
34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa
36952d80d813df09645071434df00d5d705d27061a62a957ec30c0f35c3aa2cd
37593767f544317c9c3e032830d3ee92b32efb73404c3f6cee45c97690ec5acd
37612b6fdc4819f00ab17296001d27bc88c0961c79168ce425fb5bb46176fefe
3a7ad3c2d59cc282c7754d022cebe5b79f2cbada73a898bdeb82ced6cb6f55cc
3cc390cb5e0242d80b53cae124189e4cd943941192d660abedcc6a6fadfc8d7d
3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721
403cdb783548c6181ebe99496cc831338ca577a8d5d17601c42e47d961cbf6e2
41397b74af89d0ff5319009524366a340ab81a48fc8105f125bee1d022d3ea1a
44caafcf9388edd636d5056ca4639ec35b6044bb84fefa98be717751dda685b6
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
467603d9bceed2da21c86800bb9558929c54c9314881fb69f63653c7824aad9e
4a7ba87ff08127253564f6d997be58f8e11109edf659f6677f6af8f8459a69d7
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4a9fbf975e9f5acef28f5bd9709384c92278d073d5774876b48c59f70bb44f81
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d0e4d7c6d3b1044c00e227225a769366c2dc4ca87e08ea21a536576b74e301e
4d9128d652b5dee08d4535b54702ec0f6e8b28d5c47f242337a6b8ade29516bb
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
4f0e5b88053bf2742591f7efdbbbd6fc2814be4532c485eec0ecb404808222b8
4f44c8466422e9554ee8ec72cc2f063a79f7df4b9f15a87d47369860ce5deb72
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e0c065341de647899dd6e8aebd1add0d78749202274e299f96bb4e70296dbaa
5e2929c100ce6f2aad5910081adbf0dcea224868231c515ccef59522460995f6
5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b
60c34c137e7ba26887d4116f993e820cb6f5ecc7425ac9128e14d9a06e661547
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b5f5e75af64e4f7f37759cc56d6a427fe98443c9f6663cb8ec6a688e00596e
67656b202a63c834a0a072643bad67ecd2b25edf681a8ec7e762d734af2a14fb
6a826632ec60bc9067465bf3bbe48835293f8c70325c6a4fb0b9b9c65bcece31
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9db45c7b730f0490aec270afd438e929bdc824fb5e21ce44982453cc03a542
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
7379d47cbf147b3d98794cfc82cbe49bc0bff579e48af5de2c3370f7df1192fe
74dd90ffc2712290698567be4ab2bbfa0dc73e9ba52d83d53cb82481f3074561
7822d0ec1b8fd640adb6a6fd671bdd62ddccb3e7e903dae5bd35cabe983e2a5f
7a9f81312406409cfa15f08b72d6f1c7cfa0c9884506faec7a605cb9588dc836
7bc9c4ddbb9605a6d98a540bf170ad6a0f5144c73071f3b6e53a1819134b4e50
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
87e36f6113145798fd0bef9811d421b555449f0f3a6499d70fec815c081afaa2
887c03a243a6b4080b48213d0f98bf0a79c85b769503530bcb789590f61ba7e3
88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63
88d3ca80b7507885eececa9eb48c0d5c22c3d59487036dd4d9917cd65215335a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8be6618cc474324380b04c2d2cda8ba9399a7e8c794562373ec575de43bbbf0f
8d055f06176b7d175b33b0c86d749cb1c28072cb4f9aecd978c0581e3efd54c9
8df44c3f98ff7c3767ee829ca730212c9c2f165f5e20e87251e182ecd0ee64ad
90fb660a73dae345dc7fbe6733838b80cca5a0ec1c73b0d5b867e91fe3f639c0
91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97508c6bd47105ae0fc03e40986fc4416439a5073c8f69ce849ef98199d5dd97
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971
9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3a318994ba4d8957538ba81f3e17a7826b71e432c8e87de6340fa7df1e58675
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
a8fad7ea6d56c85bc473f0091aa9870e4a7db6609c037eac826ed00c68ea3fb3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad1e37cb8a3465734afa9cebc451bd2f089b09567f0b12c1acf34ab09a0ee7e9
ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef231caad9876f19aba7e2abc99353c2a2f45b4fee982fd2ca7edc59978a8f4
afbdb515e2dde78a6e30ed7c4a1fb18958cf08567a438cc86d7a2de109780450
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30f5ea6ec7137952608d9d6c71956306e9b32603efcac10e1ec913899ea6e45
b33d509ebbd6caf3998881f0c26a2687d4adc0a10ef94c9a8ecb5aaca953d742
b48c5d65580e265a6b2b0b03bb26697074692f3c16c5b66094c99cfa4571d76c
b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e
b826def941d36b1a17057b35cea275660cbdc8d2df162fa346c3d0845b325da6
b8b160e6009bd4b3728c5550dba8fc8588492d12e2ab6c825c71fb8f5656c530
b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
ba5131e255c5b409d31bd2c0cf37dfb1312c7d6ee29cd79200c5625fef776fe5
bb34ada5cf21f81635ab6a34489e563f47614f4ddab28d9f628d532c13093aa3
bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824
bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c
bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1
bdd6878f3347067c6e4b2589ee2890a71e0198c32640db476a33de0b2924e840
bf7f4a41eb4a75331ad146cdf42933757d605eeafafd32b11e47bfcff8902827
c04ae800cfedd5e33f9c1ade3a4e6a96d42296edab01acfaf4e5cc4bf4b38ec4
c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762
c15f5f04898ca5b730a4ed317c0a89ef9e81e585f380d8a8e133c69713d1f305
c24294d1f89fff020d723364a2579d634970402884aba7d50a3018fc4e7f1884
c342abff84b34dac6ad81ab9cf59e9fe3cccb117b5c530602f8b01fa1f22728c
c3b4f208ea2995166300a3d63d11e9bf98f6d076244986480ea3994861b1fb4b
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c7a29aa22953bb6f851c361c9084aafba20ef57ab5e534bd42f3de413975650e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc31d88bf5b774e905350ea967d9b3325a58c213ee4a8b4469a6e658fabdf1c2
cda04b81943a3bc8b0cf1038f37063403081eac9e8dc553f2845a203ad8681b5
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
d318beabbc802d67559eafb99e67ceebd9ab42bcf804c25e73a6149451e62a74
d3c8e53c2eb36e1989267889f2f2e31d5bf14c20ab203b3770d942365a358210
d618859886a5ef4c219672c2f85ff15a6de98d7a43a372c36192014c33c554f2
dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8
e248ccf39aee781866abb6a97023d16144fb3394017395b0594174c9f1904a2b
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1
e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7
e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8
eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571
eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38ce7391432873bb0c5fb3213b9778672e660d94aeb1ede0ba5b59d2625305c
f7a0dbff813bc7c5605b8a86f87c6aaf78793b501ad00953f5fe4fc3beee65e5
f91a9684d9bbdc6d15ee762557d937a00b502b497016ba6cc02875f608e895ed
fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0
fa790aa2667f45ccaceb5fdc2f784c856eb3d4ac5a3e8ba5b2aacec8c8b2722b
fda497832701749b71a42246a178905a1adbb188c04ea88ecd71390ecf140b07

vsim.ua Open in urlscan Pro 31.41.220.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

203 Requests

95 %HTTPS

52 %IPv6

29 Domains

48 Subdomains

44 IPs

8 Countries

3530 kBTransfer

9047 kBSize

32 Cookies

13 Outgoing links

Page URL History

Redirected requests

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vsim.ua Open in urlscan Pro
31.41.220.94 Public Scan

Screenshot
Live screenshot

Full Image

203
Requests

95 %
HTTPS

52 %
IPv6

29
Domains

48
Subdomains

44
IPs

8
Countries

3530 kB
Transfer

9047 kB
Size

32
Cookies

203 HTTP transactions
5 data transactions