urlscan.io logo urlscan.io
SecurityTrails logo

stud.com.ua Open in urlscan Pro
5.45.72.163  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://stud.com.ua/
Effective URL: https://stud.com.ua/
Submission: On December 06 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 15 countries across 93 domains to perform 481 HTTP transactions. The main IP is 5.45.72.163, located in Dronten, Netherlands and belongs to SCALAXY-AS, NL. The main domain is stud.com.ua.
TLS certificate: Issued by R3 on October 23rd 2022. Valid for: 3 months.
This is the only time stud.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 5.45.72.163 58061 (SCALAXY-AS)
85 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 5.45.73.237 58061 (SCALAXY-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 45.133.44.3 39572 (ADVANCEDH...)
17 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
8 2a0c:5c81:514... 55081 (24SHELLS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 3 51.89.9.251 16276 (OVH)
2 6 185.89.210.90 29990 (ASN-APPNEX)
1 34.149.50.64 15169 (GOOGLE)
1 18.194.114.29 16509 (AMAZON-02)
1 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 185.184.8.90 204995 (RTB-HOUSE...)
5 203.195.121.142 7979 (SERVERS-COM)
3 216.52.2.39 32475 (SINGLEHOP...)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 146.0.227.110 29066 (VELIANET-...)
1 34.107.148.139 396982 (GOOGLE-CL...)
37 52.28.203.152 16509 (AMAZON-02)
1 80.77.87.161 46636 (NATCOWEB)
1 76.223.111.18 16509 (AMAZON-02)
2 2 51.83.220.94 16276 (OVH)
2 62.149.1.122 15497 (COLOCALL ...)
42 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
10 142.250.185.98 15169 (GOOGLE)
12 45 172.217.18.2 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
3 146.0.227.109 20773 (GODADDY)
2 2a03:90c0:41:... 199524 (GCORE)
4 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 35.244.159.8 15169 (GOOGLE)
2 23.35.237.56 16625 (AKAMAI-AS)
6 8 185.94.180.126 35220 (SPOTX-AMS)
6 6 3.126.56.137 16509 (AMAZON-02)
4 6 2620:116:800d... 16509 (AMAZON-02)
2 3 35.244.174.68 15169 (GOOGLE)
2 2 69.192.160.219 16625 (AKAMAI-AS)
6 7 185.64.190.78 62713 (AS-PUBMATIC)
5 7 69.173.144.165 26667 (RUBICONPR...)
2 3 2a05:d01c:1d8... 16509 (AMAZON-02)
1 3 185.86.139.115 201081 (SMARTADSE...)
1 2 34.240.30.150 16509 (AMAZON-02)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
4 34.149.12.213 15169 (GOOGLE)
3 3 3.74.33.199 16509 (AMAZON-02)
4 35.186.253.211 15169 (GOOGLE)
3 3 104.18.33.19 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:9000:223... 16509 (AMAZON-02)
1 34.98.67.61 396982 (GOOGLE-CL...)
3 178.250.2.146 44788 (ASN-CRITE...)
5 2600:1f13:800... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 142.250.186.166 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 46.4.41.145 24940 (HETZNER-AS)
1 2 23.205.253.64 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 141.95.98.65 16276 (OVH)
1 23.35.228.23 16625 (AKAMAI-AS)
2 23.35.236.201 16625 (AKAMAI-AS)
1 23.35.236.188 16625 (AKAMAI-AS)
7 8 52.57.148.231 16509 (AMAZON-02)
2 2 34.243.37.252 16509 (AMAZON-02)
1 141.95.98.64 16276 (OVH)
3 4 37.157.6.246 198622 (ADFORM)
2 2 185.29.134.248 30419 (MEDIAMATH...)
12 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.181 1299 (TWELVE99 ...)
7 185.64.189.110 62713 (AS-PUBMATIC)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 2 67.220.226.238 16509 (AMAZON-02)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
1 1 54.85.151.23 14618 (AMAZON-AES)
5 5 52.215.215.189 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 2 151.101.66.49 54113 (FASTLY)
1 1 35.214.223.115 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 213.19.147.44 3356 (LEVEL3)
4 35.71.131.137 16509 (AMAZON-02)
1 195.5.165.20 44968 (IPROM-AS)
1 5.161.47.120 213230 (HETZNER-C...)
1 1 141.95.171.140 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
1 63.251.232.170 32475 (SINGLEHOP...)
3 198.47.127.20 62713 (AS-PUBMATIC)
2 2 141.94.171.213 16276 (OVH)
2 2 52.49.92.250 16509 (AMAZON-02)
1 35.204.158.49 396982 (GOOGLE-CL...)
1 1 51.68.39.188 16276 (OVH)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 185.89.210.101 29990 (ASN-APPNEX)
1 1 168.119.168.202 24940 (HETZNER-AS)
1 194.55.244.179 34959 (PROCLOUD ...)
2 2 193.232.148.140 48061 (UMA-TECH-AS)
1 151.236.71.19 204720 (CDNETWORKS)
1 47.252.78.131 45102 (ALIBABA-C...)
3 3 31.172.81.160 44066 (DE-FIRSTC...)
2 2 89.108.120.76 197695 (AS-REG)
1 2 2a02:6b8::90 208722 (GLOBAL_DC)
1 1 96.16.141.156 ()
2 23.205.235.133 ()
5 69.173.144.138 ()
481 94
13    5.45.72.163 (Dronten, Netherlands)

ASN58061 (SCALAXY-AS, NL)
PTR: mx.ebrary.net
stud.com.ua
85    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
chart.googleapis.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com.ua
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    5.45.73.237 (Dronten, Netherlands)

ASN58061 (SCALAXY-AS, NL)
PTR: mx.studlancer.net
studlancer.net
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
17    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
9    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
7    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
dcf81719440b552ac7f611b82d5d89f9.safeframe.googlesyndication.com
3    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
6    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    18.194.114.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-114-29.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
5    203.195.121.142 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
37    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
2    62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
42    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
12    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
20    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
45    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)
prebid-inv-eu.admixer.net
2    2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
4    2a02:26f0:1700:6::17d5:a18f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
12    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
8    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
6    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
7    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
3    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    34.240.30.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-30-150.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
3    3.74.33.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-33-199.eu-central-1.compute.amazonaws.com
d.agkn.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    2600:9000:223f:bc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    2600:1f13:800:7782:a19c:ee18:a235:a64b (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
5    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de
partner.o2online.de
2    23.205.253.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-253-64.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
5    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
contextual.media.net
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
8    52.57.148.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-148-231.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    34.243.37.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-37-252.eu-west-1.compute.amazonaws.com
ads.avct.cloud
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
4    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
12    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    67.220.226.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    54.85.151.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-151-23.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    52.215.215.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-215-189.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    141.95.171.140 (France)

ASN16276 (OVH, FR)
PTR: bixel-6.cloudy.ovh
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
1    63.251.232.170 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-mon-1.sys.adgear.com
cm.adgrx.com
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
2    52.49.92.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-92-250.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
1    2a05:d018:d29:3605:a6d:c1bf:1d00:7d4d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    168.119.168.202 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.202.168.119.168.clients.your-server.de
bidswitch-eu.splicky.com
1    194.55.244.179 (Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)
sync.dmp.otm-r.com
2    193.232.148.140 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp1.sender.ltmse.com
px.adhigh.net
1    151.236.71.19 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
1    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
3    31.172.81.160 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    89.108.120.76 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru
x01.aidata.io
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
1    96.16.141.156 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    23.205.235.133 (None, )

ASN- ()
eus.rubiconproject.com
5    69.173.144.138 (None, )

ASN- ()
token.rubiconproject.com
pixel-eu.rubiconproject.com
Apex Domain
Subdomains		 Transfer
120 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
dcf81719440b552ac7f611b82d5d89f9.safeframe.googlesyndication.com
808 KB
87 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 316
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
ad.doubleclick.net — Cisco Umbrella Rank: 173
594 KB
44 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1227
ups.analytics.yahoo.com — Cisco Umbrella Rank: 317
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
6 KB
32 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image6.pubmatic.com — Cisco Umbrella Rank: 734
ads.pubmatic.com — Cisco Umbrella Rank: 533
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 1051
image4.pubmatic.com — Cisco Umbrella Rank: 982
simage4.pubmatic.com — Cisco Umbrella Rank: 1288
38 KB
20 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 288
438 KB
15 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 351
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
15 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 29330
ad4m.at — Cisco Umbrella Rank: 9590
assets.ad4m.at — Cisco Umbrella Rank: 38422
739 KB
14 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6425
ghb.adtelligent.com — Cisco Umbrella Rank: 6025
ghb1.adtelligent.com — Cisco Umbrella Rank: 7697
ghb2.adtelligent.com — Cisco Umbrella Rank: 10009
sync.adtelligent.com — Cisco Umbrella Rank: 4649
146 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 87
www.google.com — Cisco Umbrella Rank: 2
4 KB
13 stud.com.ua
stud.com.ua
327 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
441 KB
9 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 920
static.adsafeprotected.com — Cisco Umbrella Rank: 606
dt.adsafeprotected.com — Cisco Umbrella Rank: 566
97 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2441
dis.criteo.com — Cisco Umbrella Rank: 752
9 KB
9 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1023
x.bidswitch.net — Cisco Umbrella Rank: 322
2 KB
8 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 620
5 KB
8 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 470
rtb0.doubleverify.com — Cisco Umbrella Rank: 751
rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 15724
44 KB
8 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2903
prebid-inv-eu.admixer.net — Cisco Umbrella Rank: 218763
cdn.admixer.net — Cisco Umbrella Rank: 44098
91 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
acdn.adnxs.com — Cisco Umbrella Rank: 627
secure.adnxs.com — Cisco Umbrella Rank: 486
43 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
98 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467
6 KB
6 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 721
2 KB
6 openx.net
us-u.openx.net — Cisco Umbrella Rank: 468
rtb.openx.net — Cisco Umbrella Rank: 1824
1 KB
6 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2218
cache.betweendigital.com — Cisco Umbrella Rank: 16160
5 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 549
2 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 378
109 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 14384
pixel.onaudience.com — Cisco Umbrella Rank: 3226
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 364
1 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 718
2 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 7808
1 KB
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 4870
2 KB
3 agkn.com
d.agkn.com — Cisco Umbrella Rank: 669
2 KB
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 602
1 KB
3 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1604
1 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 608
632 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 635
1016 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 847
578 B
3 googleapis.com
chart.googleapis.com — Cisco Umbrella Rank: 23165
fonts.googleapis.com — Cisco Umbrella Rank: 51
3 KB
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3803
668 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 12718
1 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 14032
823 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 655
946 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 930
903 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 31782
2 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 550
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 975
s.tribalfusion.com — Cisco Umbrella Rank: 2229
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 638
744 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1554
995 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1057
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5758
562 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 509
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3502
902 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 476
1 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14781
1 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 2007
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1346
344 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 675
57 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 81981
static-de.ad4mat.net — Cisco Umbrella Rank: 111542
4 KB
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10265
513 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
contextual.media.net — Cisco Umbrella Rank: 600
9 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 38
20 KB
2 studlancer.net
studlancer.net
100 KB
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 2135
106 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 15151
69 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 27707
221 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3826
466 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2422
555 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 936
518 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3848
104 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3032
527 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 985
612 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1521
282 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 17018
367 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6298
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5648
280 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 915
244 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 572
552 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 784
613 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1209
398 B
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 63767
641 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 86726
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 76784
436 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 79381
261 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1148
356 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 404
140 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1259
189 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6154
174 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 6233
403 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 942
694 B
1 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 31514
102 KB
1 google.com.ua
www.google.com.ua — Cisco Umbrella Rank: 18142
324 B
0 storygize.net Failed
www.storygize.net Failed
0 mxptint.net Failed
rbp.mxptint.net Failed
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
481 93
Domain Requested by
71 pagead2.googlesyndication.com stud.com.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
ad.doubleclick.net
45 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
42 tpc.googlesyndication.com googleads.g.doubleclick.net
stud.com.ua
tpc.googlesyndication.com
pagead2.googlesyndication.com
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
37 c2shb.ssp.yahoo.com player.adtcdn.com
20 s0.2mdn.net stud.com.ua
s0.2mdn.net
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
ad.doubleclick.net
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
stud.com.ua
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
14 securepubads.g.doubleclick.net stud.com.ua
securepubads.g.doubleclick.net
cdn.admixer.net
www.googletagservices.com
13 stud.com.ua 1 redirects stud.com.ua
12 simage2.pubmatic.com ads.pubmatic.com
12 www.googletagservices.com googleads.g.doubleclick.net
stud.com.ua
securepubads.g.doubleclick.net
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
10 googleads4.g.doubleclick.net stud.com.ua
ad.doubleclick.net
9 www.google.com stud.com.ua
tpc.googlesyndication.com
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
8 x.bidswitch.net 7 redirects
8 sync.search.spotxchange.com 6 redirects googleads.g.doubleclick.net
7 image2.pubmatic.com ads.pubmatic.com
7 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
7 image6.pubmatic.com 6 redirects ads.pubmatic.com
6 assets.ad4m.at as.ad4m.at
6 cms.quantserve.com 4 redirects 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
6 ups.analytics.yahoo.com 6 redirects
6 ib.adnxs.com 2 redirects player.adtcdn.com
googleads.g.doubleclick.net
acdn.adnxs.com
6 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 ghb.adtelligent.com player.adtelligent.com
player.adtcdn.com
5 match.prod.bidr.io 5 redirects
5 fonts.gstatic.com fonts.googleapis.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 dt.adsafeprotected.com 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
5 ads.betweendigital.com player.adtcdn.com
ads.betweendigital.com
5 adservice.google.com stud.com.ua
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 token.rubiconproject.com eus.rubiconproject.com
4 match.adsrvr.org ads.pubmatic.com
eus.rubiconproject.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ad.doubleclick.net 2 redirects www.googletagservices.com
4 rtb.openx.net 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
4 gum.criteo.com 2 redirects static.criteo.net
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at stud.com.ua
as.ad4m.at
ad4m.at
4 cdn.doubleverify.com 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
cdn.doubleverify.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 player.adtelligent.com stud.com.ua
player.adtelligent.com
player.adtcdn.com
3 sync.bumlam.com 3 redirects
3 mug.criteo.com
3 ssum-sec.casalemedia.com 3 redirects
3 d.agkn.com 3 redirects
3 rtb-csync.smartadserver.com 1 redirects googleads.g.doubleclick.net
3 ag.innovid.com 2 redirects 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
3 id.rlcdn.com 2 redirects 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
3 prebid-inv-eu.admixer.net securepubads.g.doubleclick.net
cdn.admixer.net
3 inv-nets.admixer.net player.adtcdn.com
cdn.admixer.net
3 ap.lijit.com player.adtcdn.com
stud.com.ua
3 onetag-sys.com 1 redirects player.adtcdn.com
3 www.gstatic.com stud.com.ua
googleads.g.doubleclick.net
2 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
2 an.yandex.ru 1 redirects
2 x01.aidata.io 2 redirects
2 px.adhigh.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 sync.1rx.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 ads.avct.cloud 2 redirects
2 ads.pubmatic.com player.adtcdn.com
ads.pubmatic.com
2 id5-sync.com player.adtcdn.com
2 www.awin1.com 1 redirects as.ad4m.at
2 fonts.googleapis.com s0.2mdn.net
securepubads.g.doubleclick.net
2 rtbc-eu3.doubleverify.com cdn.doubleverify.com
2 static.adsafeprotected.com 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
2 rtb0.doubleverify.com cdn.doubleverify.com
2 fw.adsafeprotected.com 1 redirects stud.com.ua
2 e.dlx.addthis.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 static.criteo.net player.adtcdn.com
static.criteo.net
2 cdn.admixer.net prebid-inv-eu.admixer.net
2 sync.adtelligent.com stud.com.ua
2 a4p.adpartner.pro 2 redirects
2 www.google-analytics.com stud.com.ua
www.google-analytics.com
2 studlancer.net stud.com.ua
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 event.clientgear.com ads.betweendigital.com
1 cache.betweendigital.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 bidswitch-eu.splicky.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 dsp.nrich.ai 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com 1 redirects
1 lb.eu-1-id5-sync.com player.adtcdn.com
1 acdn.adnxs.com player.adtcdn.com
1 contextual.media.net player.adtcdn.com
1 www.conrad.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 dcf81719440b552ac7f611b82d5d89f9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 odr.mookie1.com 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
1 static-de.ad4mat.net as.ad4m.at
1 prod-rtb.ad4mat.net stud.com.ua
1 eb2.3lift.com player.adtelligent.com
1 cs.admanmedia.com player.adtelligent.com
1 prebid.media.net player.adtcdn.com
1 hbopenbid.pubmatic.com player.adtcdn.com
1 ghb2.adtelligent.com player.adtcdn.com
1 ghb1.adtelligent.com player.adtcdn.com
1 prebid-eu.creativecdn.com player.adtcdn.com
1 bidder.criteo.com player.adtcdn.com
1 grid.bidswitch.net player.adtcdn.com
1 s.seedtag.com player.adtcdn.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 player.adtcdn.com stud.com.ua
1 www.google.com.ua 1 redirects
1 chart.googleapis.com stud.com.ua
0 www.storygize.net Failed eus.rubiconproject.com
0 rbp.mxptint.net Failed eus.rubiconproject.com
0 googlecm.hit.gemius.pl Failed 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
481 140

This site contains links to these domains. Also see Links.

Domain
studlancer.net
bank.gov.ua
Subject Issuer Validity Valid
stud.com.ua
R3		 2022-10-23 -
2023-01-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
studlancer.net
R3		 2022-09-11 -
2022-12-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
player.adtelligent.com
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-03 -
2023-03-03		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-07 -
2023-01-05		 3 months crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-07 -
2023-01-05		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-10-15 -
2023-01-13		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2		 2022-05-27 -
2023-06-28		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-24 -
2023-02-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh

This page contains 72 frames:

Primary Page: https://stud.com.ua/
Frame ID: CB25809F49C174B00742F8966539E75A
Requests: 110 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Frame ID: DB931A8CAA202C4C9D80971ECF0A990D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9237573666471195&output=html&adk=1812271804&adf=3025194257&lmt=1670239863&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fstud.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278731&bpp=4&bdt=366&idt=232&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=247
Frame ID: E5A12EFF353A4259A656B7A9B8B24F88
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1670239863&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278812&bpp=13&bdt=448&idt=185&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sejTXTl52I&p=https%3A//stud.com.ua&dtd=189
Frame ID: 677A76EE234BEC9CCC3472A89E1D3FA6
Requests: 11 HTTP requests in this frame

Frame: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 547B930643FEC5B7100D78B0234F1F37
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: 19ACC228037E1247D0AC8B5E32B3FC91
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Frame ID: 393E3FAD21466CBD7CFD0C0410292153
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2B8DB65A286BBC4C204828CE544D8606
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8dvX2gEwAQ&v=APEucNX-uLkZIZTdVoDsDRGLMqaKNZKYITQPjugE3NFrrCyoXaIsIbPgtGU4b2VI1pKYuTnfuZAnqAIj8XkKbApUC17z5mydw6zfBL2JyBWUu6wreTXpp0MNJSsUoF1rjB-33wIK00V5ym6Ci0LtI2G9FVKjH8XBiK72LRq2AjlVUm3DfjCrfs0
Frame ID: AD75C58F86907E7DBBA2B2AB3E1D687C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Frame ID: 263B537E1B3F87AA15629C57AFBEAC13
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EB0BCB5D12BFB0DB738F20DCF7A95810
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 236C0D8E851E1F07FF1360BF1C2B1D9E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 74D0E3057A324F0BEBB25AF97DD95711
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5LoR4xcEfBYEk8oOcjbEKc3GaYJ9aamre0hVrxFGxnvMyg5ZoYGwQNqC1WGXw01NUubxoI2i42wpM9TGKMTecXY_PF7xbfHt0McvkihMt0s5DeQZybEvfE3cUroYHITjbj27lIjwyGt5xfIeXP99dw4SaIneUxJG2H1xp3_GxLVE4W3IWI0ifu8L-9R3Yc-AGs0GiY4Q3D3P-Fr94rPLJnt6puKuDNY23rfOYtO8VN7F8MsvC3OGt8JqJurJJx8G0zytkNGAB5He0Vj8ZxQwU3vRi12FgqudLy1t1UWngNJUHFXUK9XrnSzML3tO4&sai=AMfl-YTa8y7pGxaHTs5SfPOXo7eZRLhOOzVk2JsloRRHGUdM6qL16yzanwKWGepkgAtBOHVmGFCr_hOXkF2nzk8pL79coBfKKSxKHt9SPrvtDZM2FjMX3mNcgdEFO9J-BX9H&sig=Cg0ArKJSzPkWbWOCxd_-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 86291E961F6EA1B2AB7291169D1455A4
Requests: 21 HTTP requests in this frame

Frame: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 46E7ADAEE54A2E68A06DB8FFC1E7D812
Requests: 21 HTTP requests in this frame

Frame: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A2BC95D8577AE0C6182EE169C628AE80
Requests: 30 HTTP requests in this frame

Frame: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B2B6F524B2F114C62089BDF2BBBD6C06
Requests: 28 HTTP requests in this frame

Frame: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8C17D899905896EBCA54AD286F5A46F9
Requests: 23 HTTP requests in this frame

Frame: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 19E39C6B88039882B1C33C72CA0D0476
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGOG1l9sBMAE&v=APEucNXFWu5ls6_84Ic1nguh-rhfkukqEXcClJXky1Cc3iR2R1LuhXjGZz_uWgGkTti7vEvxzYk1L1ZqDF2jSkv1RH3gnQ_DvwX6PC28uhUZCtVPTMZJAXNkgH_8YmAGbsqVGl3WEQJy2TIJfUBse3ZuxMMcbPEyRs7rUl-VSVWJCgBR7iEb0wc
Frame ID: 64642E829B331346F5B61AF9215C829A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNXbCZqgTD-XilKu-wqeT7weibLDsRHUbjp7G5NTrCdHBjBdpfTmkaFMnMh5NskuRjmmUaMLaTpXQdkLl6-KiZ0R6E1voBxgCCRziSsD5C0uDUe-6g0l_qDH4XONHPPfhLGdmXpIokU-WDKSc3q2VR6cRnX3Xeh7vSe0NjC-yRRjQo6bZn4
Frame ID: BA4881F31DE198CB7BB4DF953151AE7B
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDhJe8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTmAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXgF37yhKQVAYDj5a3X2nsVAlrqaDpwmJLXXWqdiTaPirXOBdn_Q24AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NjU2NzQ0OTE2ODUwNzAzGOOCdg&sigh=Z60YsTDnuCs&uach_m=[UACH]&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw
Frame ID: B2A939C28D0C6C0E5292B1423C875253
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hzwwv91wa69x5ycwsmpjf1k80xxq20hz1vf3cv5tgb02yh8wq70h471kwdnec2ms76s9kwm2yyjbx113f4cxwvtmznn5yp1y0v8ffy72kn6f26bshcp1nrgfsavyx8kvs45vsqphmva9nzdahd2d659xfjznfbfd0yj2t4k4rbfsphatd5ydb4vxv0f5ysnpwyd0wezpxbcsafp6qncjbqr8n8x6rcwwdy9gqb44tbptq53ac0pxnbmkgp4xc4przn8cxrkhd6efgn7qz3577b0dj9g0r11fgyb16hbak92xtw182410xgb01bcxpfcznc95h6tz35z6fbnwzv60t24zrme5nb3hp887t1528041cds7ggqp349vt8h24t2aqkftkp7q0byy12w5sfa9ry54k96x0gz73qa31hbd9g8cfybrw8sywptaafgzkjpbrg2n7h6yr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%26client%3Dca-pub-5656744916850703%26adurl%3D
Frame ID: 278EDFF9EADAC40A5F3C8EEE6D80CE8C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D795C22F815F6307191009AAD51F89E3
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGOG1l9sBMAE&v=APEucNUNnR0whksBulEUZ_tyN1SQjb4ZWq_Ly_spPOeoFBwyb2tBDhrawL7iJecsqYS_qjwqxkFuqIHa_6zRoZCK-YXzZzlVbh-9mSoEe-2UfzC5RLsX_OPQsHRV-wO7TLw4GJWmPbknvzO2gK1-z-RjTcvgy7d1thLCReMjdeGh11J9ySQAIRQ
Frame ID: A8D0A2AA6AE04E54298F0792F42FC69B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOuOtqEDGMzZ5tQBMAE&v=APEucNU_LjVcPUYbTmSgR9MOJ9KRSUjBKhqPR6bp2Mece9yp1wNnpteXctei1I81xii0blFqqOFLmrEvKAAxu24YfnZY7TsN69Vaza2kDFd8U-PpIeBXrsg6hNWnGEFxxYEBK7ir2Nd7-fWADYT1fubEpGWfg9ap1CVW2XQy16pNwNHdrJ7SH84
Frame ID: 3E2D817925C0ED0097CC937F013CBCBF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 47406D3FA7CEC573E2E03599E4EC24E5
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=stud.com.ua
Frame ID: 7A321F5DE07F65AE8E60A5A33D022A8D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 893EF0883DBAD71C4988530BD537BDDB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E7BD27C1ED0C7EB5E8B7F1A4FF20A385
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 105CF8D9D79716561BCC5BD6BD6E00E9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 523E49476F571D90108D760A8CB766C5
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4CAB13516A03805079D9B8C71624BA3F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
Frame ID: 8E5475B835DAB5B669CFA70CDA1F68B9
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/index.html
Frame ID: D219E66315965D851C1665BF8080C844
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 06EEAEBA95E13E29EB6F19D49A491838
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3C5F831C0AC63DFC3262C08D1E01FDD3
Requests: 3 HTTP requests in this frame

Frame: https://dcf81719440b552ac7f611b82d5d89f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0451D5A5115820B384A9375AD8A1EE08
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88F28F77AF04C4F6ADFF873F5DC969E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 833F13AE2C7B309461EAB89CF68AFA26
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Frame ID: 33D809D420B9125CF64CA79A09B30658
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: D87CB14E3D6EA7A79E90AD368C8D83A8
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 57D0CBEF371996B8F41E684334A4B8AE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 92F9EB9D4DA8A0138E9E9C80ACE16BD4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EDA59B677757B8AF22E86DDA49FE4DEC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 87B7A2B233301E1E2C3A239D2028CC2B
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: CA8B11A11FD90F080A88BAE7E8572955
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: F91F70A50A984E5A8E247048DEF065BD
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670295279362&gdpr=0
Frame ID: A42887A85E1532C7EBF27DED5EC652C7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 063EF08379BA9A5C3A1C1FE227D21612
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13459965
Frame ID: 2623BF1CC6A755E4F261AAF6B731F35B
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: E6C3501EDC1E9F47887442EE2AAF1388
Requests: 5 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=34641E03-25A3-4080-A5F4-70A9E0D23213&gdpr=0&gdpr_consent=
Frame ID: D7FE8F791B8B41D485A7333B01E5EC71
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f784638e-aef3-4600-9c8d-5bb85fd5326a&gdpr=0&gdpr_consent=
Frame ID: 1F221583E2B080075E0CFE6B949AF1A2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3069470619164504429
Frame ID: DDE8D9DE21A99D5C0B0484CDE447FD8C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 59479E5498916395779AE31032F34DF5
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=34641E03-25A3-4080-A5F4-70A9E0D23213&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: CC5BE39688F4F61C536ABAC180C3660A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4148347070498717920&gdpr=0&gdpr_consent=
Frame ID: D9E77459CA687BF4D0EB45DCC849155D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pCPU6vN1ir6_JtnqonLBv6ImiLy_KY3t8yJSiBnS
Frame ID: 2052EE12DDD5C9FC28B23C2F67F403FC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7173863615164577945&gdpr=0&gdpr_consent=
Frame ID: 90025A782DF716584F6FA7EFB0B7C0B6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Lnsvs02sQr9_aCmhG0q13VLHgiU
Frame ID: C60BAC92DAD69020036FAC14C5AB3301
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFo3E7HHV4AACB_507aDw&gdpr=0&gdpr_consent=
Frame ID: 9A0395332DA34630C0C05D944948B0FC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y46u8wAB0VwtvQAZ&gdpr=0&gdpr_consent=&_test=Y46u8wAB0VwtvQAZ
Frame ID: 5B9EE4C9E79D551623A5D1A341F55854
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: A35AD1264DB1DD425F56E07F78A27304
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9A2C4EF5123AE8F978B34DE4DDC50971
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8149970042
Frame ID: F65AC4ADB0E81979B422B1FD78CCA2C3
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 44E6A84A1742CA0B77004F2FD47DD33B
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: B390B50B8FE3B449D6D3AEC734CC88BD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYTjVjbUMMXhXagSn
Frame ID: CE3BA1E464A2BFAD0EEF286BD218485D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 0A5CF42E88AFC6894E9DB0648DE7C76E
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9785eae9-6af7-5454-ae67-f373cde95d9c&CACHEBUSTER=976629
Frame ID: C0E68F0F63121B202FAEBFF7653F44F9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: A2737542E69373704F9DECE2E60D7131
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Підручники для студентів онлайн

Page URL History Show full URLs

  1. http://stud.com.ua/ HTTP 301
    https://stud.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Page Statistics

481
Requests

86 %
HTTPS

30 %
IPv6

93
Domains

140
Subdomains

94
IPs

15
Countries

4352 kB
Transfer

10154 kB
Size

125
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://stud.com.ua/ HTTP 301
    https://stud.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.google.com.ua/coop/cse/brand?form=cse-search-box&lang=uk HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 93
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2124036b-96da-4972-8392-e1ccef057a64
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUcgKHFuTcDB_OmB4pNdp4&google_cver=1
Request Chain 119
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y46u8C0VMBR4MKxhzh7qkwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUcgKHFuTcDB_OmB4pNdp4&google_cver=1
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPm2l03CpG2w_vYn5Tc8NN4&google_cver=1
Request Chain 121
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE0ODM0NzA3MDQ5ODcxNzkyMA%3D%3D
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBBfca59XaC20dFGnzXAK4w&google_cver=1
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEM6HROz8H8-qagos217FW2Q&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1&__user_check__=1&sync_id=54b9d5ef-7511-11ed-92ac-1891fad20506
Request Chain 208
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=54b147e1-7511-11ed-bd1b-1984e64b0406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTRiMWE2NzQtNzUxMS0xMWVkLThjN2QtMTRjODE3OTQwNDA2
Request Chain 209
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yX1F2V010RTJ1RWdYazA0dWRsaEpEUHBHR0N2cGFrSn5B
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1&__user_check__=1&sync_id=54b99dd4-7511-11ed-b311-10b91cd50206
Request Chain 211
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=54b1a6d4-7511-11ed-8c7d-14c817940406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTRiMWE2NzQtNzUxMS0xMWVkLThjN2QtMTRjODE3OTQwNDA2
Request Chain 212
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yX1F2V010RTJ1RWdYazA0dWRsaEpEUHBHR0N2cGFrSn5B
Request Chain 214
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FZ5xh0OOtHFWXKJd_weM1mCIUnTosSLMKlhnJs0Kbwi3ZLMbnOuhwjRL4h26CJg4MoUXBrc1njPKE7DtOcruPYGqbtfg63f&google_gid=CAESEMrmoGG4X3B3szWKQxERQMM&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPHdupwGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BU2tKM0ZaNXhoME9PdEhGV1hLSmRfd2VNMW1DSVVuVG9zU0xNS2xobkpzMEtid2kzWkxNYm5PdWh3alJMNGgyNkNKZzRNb1VYQnJjMW5qUEtFN0R0T2NydVBZR3FidGZnNjNm HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwc1dYNmtoMDlzOFFENW1OTDQ3cktrWUtsTG1MV1dZMlRVMUFjWl9XSXM4MA==&google_push
Request Chain 215
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbvzD56teHbMqjIfgAhhLwNxHfKkFJm-QqM4eD_HZeDqABdYC43IREIKKw7QX9D3fHZOP_0CMIlGljTa0vyJPDAkSsbVBOW&google_gid=CAESEH424kUCjB9psa_zyvcMpX8&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbvzD56teHbMqjIfgAhhLwNxHfKkFJm-QqM4eD_HZeDqABdYC43IREIKKw7QX9D3fHZOP_0CMIlGljTa0vyJPDAkSsbVBOW&google_gid=CAESEH424kUCjB9psa_zyvcMpX8&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDYwMjU0NDEwMDA3OTI4NzMwMTY4OQ%3D%3D&google_push=ASkJ3FbvzD56teHbMqjIfgAhhLwNxHfKkFJm-QqM4eD_HZeDqABdYC43IREIKKw7QX9D3fHZOP_0CMIlGljTa0vyJPDAkSsbVBOW
Request Chain 216
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOdwHM35YFI9d45mCF361WY&google_cver=1&google_push=ASkJ3FaPs0iRUVbT68QXStoZZVQHO2XGhFJdcsW_5QlLQa7AOEIm6Wz_EeN8VUQN8wuY6m-Pa5yX5AQWSdYNuRIXSS3lnCvOJnCo HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOdwHM35YFI9d45mCF361WY&google_cver=1&google_push=ASkJ3FaPs0iRUVbT68QXStoZZVQHO2XGhFJdcsW_5QlLQa7AOEIm6Wz_EeN8VUQN8wuY6m-Pa5yX5AQWSdYNuRIXSS3lnCvOJnCo&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaPs0iRUVbT68QXStoZZVQHO2XGhFJdcsW_5QlLQa7AOEIm6Wz_EeN8VUQN8wuY6m-Pa5yX5AQWSdYNuRIXSS3lnCvOJnCo
Request Chain 217
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsI7_PHO3jsSyiw4uWryZ0&google_cver=1&google_push=ASkJ3Fasr1YiCYjWQrcKYr2MdrPiw2hqaKY-dxxaW4b8WDLPlq_iqENOWSp683LLlKckUhAy652T6m1qAT7Cu03jYudyz3Qt2jVl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OSlgtMTEtOEtWSg==&google_push=ASkJ3Fasr1YiCYjWQrcKYr2MdrPiw2hqaKY-dxxaW4b8WDLPlq_iqENOWSp683LLlKckUhAy652T6m1qAT7Cu03jYudyz3Qt2jVl
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIwR2_XETmmekYmxbyJXeLQ&google_cver=1
Request Chain 261
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC94tgexSdE13nREyBojprc&google_cver=1&google_push=ASkJ3FZfeBH5Z4oEnJ6P1EGEVqaDh2f3MkPbTs5lvZ-N8hykfLnz3hZ51Psv7Z_d8RdYdeWLaH652unJEjqZ6di38bJsgoPz HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZfeBH5Z4oEnJ6P1EGEVqaDh2f3MkPbTs5lvZ-N8hykfLnz3hZ51Psv7Z_d8RdYdeWLaH652unJEjqZ6di38bJsgoPz&google_hm=wRYBrpFw4EHqF0DjsZKweQ
Request Chain 262
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEROfYUe19MM4OOHN1Y2iiA&google_cver=1&google_push=ASkJ3FZWbcQgMU8F0s7Bl_Dtszwxc1pTM_JSLrvtFOOyad4__8Sye37K8v-1r6sesEkvfcOsoZfs8bTgbSbCUyQMfq6J4Hicxw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FZWbcQgMU8F0s7Bl_Dtszwxc1pTM_JSLrvtFOOyad4__8Sye37K8v-1r6sesEkvfcOsoZfs8bTgbSbCUyQMfq6J4Hicxw&google_hm=Q0FFU0VFUk9mWVVlMTlNTTRPT0hOMVkyaWlB
Request Chain 264
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOdwHM35YFI9d45mCF361WY&google_cver=1&google_push=ASkJ3FaOmPN_gc_WIMV20QPaKbNXjGwTK8DYlYp9K2Tc-mJldTs3dl4b5u4RJLfjyDGVWDUwp9IKBfuJ9B8qPBASlpb-w_A1nA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaOmPN_gc_WIMV20QPaKbNXjGwTK8DYlYp9K2Tc-mJldTs3dl4b5u4RJLfjyDGVWDUwp9IKBfuJ9B8qPBASlpb-w_A1nA
Request Chain 265
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsI7_PHO3jsSyiw4uWryZ0&google_cver=1&google_push=ASkJ3FZsqAMkbslVo3_7Wpyvmx1xJkefvARsvsDMHe55Rv3CPgDkUCKf27TSvYg0h7ysGuzp-SepNnwthudB0H8rUu5OjGf- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OTU0tMTItSFI4RQ==&google_push=ASkJ3FZsqAMkbslVo3_7Wpyvmx1xJkefvARsvsDMHe55Rv3CPgDkUCKf27TSvYg0h7ysGuzp-SepNnwthudB0H8rUu5OjGf-
Request Chain 266
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_cver=1&google_push=ASkJ3FYifJnOUo6psa2FAn2E9CF9C71NyxobGjQJ6dX5MeUat8RMItk7qv-Prs-XL06DbhTcBDesoKVFCKNrgcI20uSW2QODdA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FYifJnOUo6psa2FAn2E9CF9C71NyxobGjQJ6dX5MeUat8RMItk7qv-Prs-XL06DbhTcBDesoKVFCKNrgcI20uSW2QODdA
Request Chain 267
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEG_Pb0TshKK3-gaM1YbOmTo&google_cver=1&google_push=ASkJ3FZU3O2HXEVc9UGNhIWfva99WgYPhLNfUkl7QZJaTl_pXWfxSdO2u1BIj3kYhQSh8pB5LGbVzVp-DQcODZJaFa_og92mwA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FZU3O2HXEVc9UGNhIWfva99WgYPhLNfUkl7QZJaTl_pXWfxSdO2u1BIj3kYhQSh8pB5LGbVzVp-DQcODZJaFa_og92mwA&google_hm=m24uzQTZSYm3Nw6BmM5UIg
Request Chain 279
  • https://fw.adsafeprotected.com/rfw/st/1196176/66167959/4.js?ias_dspID=3&ias_campId=1009160256&ias_pubId=pub-5656744916850703&ias_chanId=1&ias_placementId=18467292430&bidurl=https://stud.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g2-lmYx6MPRNjX0qx6EC76&adContainerId=brand_safety_8a6OY_rkDOS7x_AP6s-1gAU&cbFunctionName=goog_wrapCb_8a6OY_rkDOS7x_AP6s-1gAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fstud.com.ua&adsafe_type=y&adsafe_url=https%3A%2F%2Fstud.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c6e7fad8-0970-8bab-d694-3824a72b30f5,c:vYU9Iv,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7dfd966686-6l89l,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:3,mot:0,app:0,maw:0,fm:tpcwMuh+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C18%7C19%7C1a*.1196176-66167959%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e111%7C1e12%7C1f,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:23,oid:54b73524-7511-11ed-adb4-8eda8c923941,v:19.8.372,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 283
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC94tgexSdE13nREyBojprc&google_cver=1&google_push=ASkJ3FbCHRvQW_njWirrZ2WfLSUYsrpHWrgbiYsBstOgeIPBIqtjR7n6oauwdJKJF2IE7XhIeNVyjTeqGe8YVZ_RcR61T56HaEId HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FbCHRvQW_njWirrZ2WfLSUYsrpHWrgbiYsBstOgeIPBIqtjR7n6oauwdJKJF2IE7XhIeNVyjTeqGe8YVZ_RcR61T56HaEId&google_hm=wRYBrpFw4EHqF0DjsZKweQ
Request Chain 287
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOdwHM35YFI9d45mCF361WY&google_cver=1&google_push=ASkJ3FbgV-pDcBKWk8gtqkfukvn4NSUJxAxPoagyOP_XPeg3dTBWLP5FQyBWsY6mjhvciQFBZGCgrL4UGkv4Z3XLu6_sE8nuSfw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbgV-pDcBKWk8gtqkfukvn4NSUJxAxPoagyOP_XPeg3dTBWLP5FQyBWsY6mjhvciQFBZGCgrL4UGkv4Z3XLu6_sE8nuSfw
Request Chain 288
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsI7_PHO3jsSyiw4uWryZ0&google_cver=1&google_push=ASkJ3FbwIXwDJ88dxN3rUdWdynVvMZRn0S2r2LssybEKMK9OP472k5laFni0XcAXbHBDGFbEwM55GMhLBkv_zR_qKVBrMbbIt9yV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OUjgtUS01TzNH&google_push=ASkJ3FbwIXwDJ88dxN3rUdWdynVvMZRn0S2r2LssybEKMK9OP472k5laFni0XcAXbHBDGFbEwM55GMhLBkv_zR_qKVBrMbbIt9yV
Request Chain 289
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_cver=1&google_push=ASkJ3FYOknhQ5z2bUuMk5D9ARpweaen5YxWu8-ccR_Yr4kBC-rJEoJRLxti52ZUhBF-ktORM_dmZH7MMxszaqfGaQpqoiBS_2kbT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FYOknhQ5z2bUuMk5D9ARpweaen5YxWu8-ccR_Yr4kBC-rJEoJRLxti52ZUhBF-ktORM_dmZH7MMxszaqfGaQpqoiBS_2kbT
Request Chain 291
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=stud.com.ua&sn=ChromeSyncframe&so=0&topUrl=stud.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=swjd_nxLRG0zY0loRWdvN29wUllLV3RobUxwTGFvWENPVUc4eGxMaVFrR2JLUUNJdDNkTExWdnI0dVk5VG1CTWxvc0hZc0ttMzhqOXJzaFlQWVlMbW11bnJmY0ZqbUtIUnFLc3pJM2k2OFJHZUZPb2wrZTI1ekJYOXZPQVJvWjRwUDdjUytxVG4wUkpzcjBSOUExMzhmczhoSmw1VnJwOTFtd3N2Z1pHV2pQMlV3V29XM2ZKWW84QXlKZFhLRjhUU3RBVDVwS3cxL2dkcyt5Z1FKZTFDYndRTElYLzFLUkxPR1ZYb2VtbEN0TE5MblpuRmc4QVovWTh5bFdFVnVjaHdQcUtZZG1pNCtNay9XdU50MzN2VW5DRk9Idz09fA&cppv=2
Request Chain 341
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIDP2uf-4_sCFY3luwgdGvEBgg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022120603544279231136905X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2022120603544279231136905X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Request Chain 344
  • https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneidmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1670295282_5537d690-7511-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 381
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEROfYUe19MM4OOHN1Y2iiA&google_cver=1&google_push=ASkJ3FYBERT_ujdROV_QcEz7X61T1lRvr7OKMic7qe2BqXb7SGRozP_2Z-p6_GOIqiRJU_PdqJpX46sfmXkFRrsSlK-m_82O1f43sw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYBERT_ujdROV_QcEz7X61T1lRvr7OKMic7qe2BqXb7SGRozP_2Z-p6_GOIqiRJU_PdqJpX46sfmXkFRrsSlK-m_82O1f43sw&google_hm=Q0FFU0VFUk9mWVVlMTlNTTRPT0hOMVkyaWlB
Request Chain 383
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOdwHM35YFI9d45mCF361WY&google_cver=1&google_push=ASkJ3FZhE6BEPB1Hd--oUGdd3oqsxPGeh-0e1rrMPX7B9BcO9BrjHCo6JvqYV3lMBE_2b7RseWzYBkeQ7-YZGKQD2k5ez1STpMMOww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZhE6BEPB1Hd--oUGdd3oqsxPGeh-0e1rrMPX7B9BcO9BrjHCo6JvqYV3lMBE_2b7RseWzYBkeQ7-YZGKQD2k5ez1STpMMOww
Request Chain 384
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsI7_PHO3jsSyiw4uWryZ0&google_cver=1&google_push=ASkJ3Fb-oijBaDAvZJLT1T2Dhj0SGEb5EAiiu14NP0jc5DxMacc7l5eBLp-5CcWskJrhRMci9R5ZhWO20Q-Mf4HjHC_9CQ6MXasCjw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9PREMtMUQtTE9QMw==&google_push=ASkJ3Fb-oijBaDAvZJLT1T2Dhj0SGEb5EAiiu14NP0jc5DxMacc7l5eBLp-5CcWskJrhRMci9R5ZhWO20Q-Mf4HjHC_9CQ6MXasCjw
Request Chain 385
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEG_Pb0TshKK3-gaM1YbOmTo&google_cver=1&google_push=ASkJ3FY70yKh1uU1kK1RH6aywF7il-B3KdD7XOrpfjYucmhfNqePJs_vdR_1ixnfhlnAfPep1yGa9o3nUUSAF_jNLw2u-mIr8Lk_Eg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FY70yKh1uU1kK1RH6aywF7il-B3KdD7XOrpfjYucmhfNqePJs_vdR_1ixnfhlnAfPep1yGa9o3nUUSAF_jNLw2u-mIr8Lk_Eg&google_hm=m24uzQTZSYm3Nw6BmM5UIg
Request Chain 389
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC94tgexSdE13nREyBojprc&google_cver=1&google_push=ASkJ3FZKnCdFPkAQM8zfvMgiYFJov-u-IX-CGswS_k6jllzxMQivcfvVAya5p9rQ5ecNJUzcgCLP-KqAh6KJVGKGE2VP55volQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZKnCdFPkAQM8zfvMgiYFJov-u-IX-CGswS_k6jllzxMQivcfvVAya5p9rQ5ecNJUzcgCLP-KqAh6KJVGKGE2VP55volQ&google_hm=wRYBrpFw4EHqF0DjsZKweQ
Request Chain 390
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEROfYUe19MM4OOHN1Y2iiA&google_cver=1&google_push=ASkJ3Fa0Ujyew4dgn4JBUr6Y_c-UF0omCzE1OBwCa5m_CAvgeX289T5lnZTjz0JHcegmniGxzx3GrAcUnRA5ezlBhBm2yXVCA34 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fa0Ujyew4dgn4JBUr6Y_c-UF0omCzE1OBwCa5m_CAvgeX289T5lnZTjz0JHcegmniGxzx3GrAcUnRA5ezlBhBm2yXVCA34&google_hm=Q0FFU0VFUk9mWVVlMTlNTTRPT0hOMVkyaWlB
Request Chain 392
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOdwHM35YFI9d45mCF361WY&google_cver=1&google_push=ASkJ3FbJwpIRkT0cTC9wIuMgKukIYuoGR3S6Imv1-J0BjedGm2Ax-KjGoSZ3Lb73fmk_WkYnKXmMrW9WMlodwzz8DBwvlLq1Brw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbJwpIRkT0cTC9wIuMgKukIYuoGR3S6Imv1-J0BjedGm2Ax-KjGoSZ3Lb73fmk_WkYnKXmMrW9WMlodwzz8DBwvlLq1Brw
Request Chain 393
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsI7_PHO3jsSyiw4uWryZ0&google_cver=1&google_push=ASkJ3FbW35ztgiuF1EKWyHKHa2bOETCTebyUApEwmlL1CliisUTMZq9V2-4p_JnO4LIi_vw3Yyfdi2eLaP82puLoODo_g13-DO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9PRjMtMVQtNTVaSA==&google_push=ASkJ3FbW35ztgiuF1EKWyHKHa2bOETCTebyUApEwmlL1CliisUTMZq9V2-4p_JnO4LIi_vw3Yyfdi2eLaP82puLoODo_g13-DO4
Request Chain 394
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_cver=1&google_push=ASkJ3FaDQ1bfYN-2JNunI7dKyTUfDpBG7M7SrgssC0eR9H9GyKIyT44-bo4wyYoCs0qADfboLF1NCJfQk4s0AgSB4jcAK4KJeHg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FaDQ1bfYN-2JNunI7dKyTUfDpBG7M7SrgssC0eR9H9GyKIyT44-bo4wyYoCs0qADfboLF1NCJfQk4s0AgSB4jcAK4KJeHg
Request Chain 409
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fstud.com.ua%2F&domain=stud.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=JhzDRHw5aVRKZENXM1ltazZVNTF1TVhuNDhlQlJJL2ZaaG1ZWTFXYjFSdFhlTWV5Nnd6Z1REaytvMkhqTUdhWnV6bTBzMmIrUnU0cXVvWUNUMVJJUFdrN2tURUFJdktuc205bkt6VXZYWnkzOWx3TzdIc1pnVWJMczBQZHY3d1RabnRrZWdFL3plaVlUdURtMEEyYjVJd0NrcE5UU1M0QnBaU204RWRZMnJsQmQyTnAwc0FzUnJmWTZxRVVIc3h0NFZRdnphUzJnVG9UMldVV3ZGTm55bDNwdHRRQzZaQURJVENVWGtIZU4welRyY0VlQ2tWcXdtZDdYSFVISzBTQVRZWTR0VG1Wd2lJVE5aaEZaaWc0Ri9DbjFsZz09fA&cppv=2
Request Chain 417
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2124036b-96da-4972-8392-e1ccef057a64
Request Chain 418
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=e24d2f92-924e-453f-98a0-959f6481d6dc&ssp=themediagrid
Request Chain 429
  • https://c1.adform.net/serving/cookie/match?party=14&cid=34641E03-25A3-4080-A5F4-70A9E0D23213&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=34641E03-25A3-4080-A5F4-70A9E0D23213&gdpr=0&gdpr_consent=
Request Chain 430
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f784638e-aef3-4600-9c8d-5bb85fd5326a&gdpr=0&gdpr_consent=
Request Chain 431
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3069470619164504429
Request Chain 432
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 433
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=34641E03-25A3-4080-A5F4-70A9E0D23213&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=34641E03-25A3-4080-A5F4-70A9E0D23213&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 434
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4148347070498717920&gdpr=0&gdpr_consent=
Request Chain 435
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pCPU6vN1ir6_JtnqonLBv6ImiLy_KY3t8yJSiBnS
Request Chain 436
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7173863615164577945&gdpr=0&gdpr_consent=
Request Chain 437
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Lnsvs02sQr9_aCmhG0q13VLHgiU
Request Chain 438
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGbzNFN0hIVjRBQUNCXzUwN2FEdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFo3E7HHV4AACB_507aDw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1493625515242909286&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFo3E7HHV4AACB_507aDw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1493625515242909286%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1493625515242909286&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFo3E7HHV4AACB_507aDw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFo3E7HHV4AACB_507aDw&gdpr=0&gdpr_consent=
Request Chain 439
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y46u8wAB0VwtvQAZ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y46u8wAB0VwtvQAZ&gdpr=0&gdpr_consent=&_test=Y46u8wAB0VwtvQAZ
Request Chain 440
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 441
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 442
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1670295283846 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8149970042
Request Chain 445
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYTjVjbUMMXhXagSn HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYTjVjbUMMXhXagSn&xl8blockcheck=1 HTTP 302
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=52683925db9d8585d459b5aa465ac74c&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNrGB8F9IYTjVjbUMMXhXagSn HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYTjVjbUMMXhXagSn
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 448
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32e3638e-aef3-4b00-9afb-aa1302b0cb31
Request Chain 449
  • https://pixel.onaudience.com/?partner=214&mapped=34641E03-25A3-4080-A5F4-70A9E0D23213&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=37c5c16ff2b20a8e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=37c5c16ff2b20a8e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=87477d1d69958ef2d055d30ed802ac0d&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 450
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzQ2NDFFMDMtMjVBMy00MDgwLUE1RjQtNzBBOUUwRDIzMjEz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 451
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE3Q2jb2_cngqFTzEZpHbMI&google_cver=1
Request Chain 453
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7409004770038962898
Request Chain 455
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=44d42845-bdaa-42cf-9c93-c02c6d923616&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=a0616139-426e-4eac-a7d8-58cadaf40b13&expires=1&user_group=5&ssp=pubmatic&bsw_param=44d42845-bdaa-42cf-9c93-c02c6d923616 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=44d42845-bdaa-42cf-9c93-c02c6d923616&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 457
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=34641E03-25A3-4080-A5F4-70A9E0D23213&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uLYM3EVE2uXxgw_YnYDwny5ivMLAu5w-~A&gdpr=0&gdpr_consent=
Request Chain 459
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=95e690b7-a7cb-4be2-89ed-2161ec76e6a3-638eaef3-4348&gdpr=0&gdpr_consent=
Request Chain 460
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8480527932475672240&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 461
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7fce4a1e-4f62-4977-9204-9ec68582ff34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 462
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4148347070498717920
Request Chain 463
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=44d42845-bdaa-42cf-9c93-c02c6d923616 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=44d42845-bdaa-42cf-9c93-c02c6d923616 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=44d42845-bdaa-42cf-9c93-c02c6d923616
Request Chain 465
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS01aUdJRTFORTJ1Ry54Y1E4QjJWOVhiWWVseW9NTVQ3SFdMVV9kUVUtfkE%3D&gdpr=0&gdpr_consent=
Request Chain 466
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uiqX4ZG4wCT.AikABlGE5VtqYQ
Request Chain 469
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=44d42845-bdaa-42cf-9c93-c02c6d923616
Request Chain 471
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARj13bqcBqIBEFbcLJR1ERHtocQAJZDIJDc* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=56dc2c94-7511-11ed-a1c4-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=56dc2c94-7511-11ed-a1c4-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=41tWULNEwAw3ynSRIWXJmg& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/56dc2c94-7511-11ed-a1c4-002590c82437 HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/56dc2c94-7511-11ed-a1c4-002590c82437?redir-setuniq=1
Request Chain 477
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 485
  • https://onetag-sys.com/match/?int_id=4 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
Request Chain 487
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7173863615164577945&expires=730

481 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
stud.com.ua/
Redirect Chain
  • http://stud.com.ua/
  • https://stud.com.ua/
132 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx / PHP/5.5.38
Resource Hash
091b5f94da940b35af27150021749511585926b36c2c8e4c303df05a49864b41

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=WINDOWS-1251
date
Tue, 06 Dec 2022 02:54:38 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Mon, 05 Dec 2022 11:31:03 GMT
pragma
no-cache
server
nginx
x-powered-by
PHP/5.5.38

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 06 Dec 2022 02:54:37 GMT
Location
https://stud.com.ua:443/
Server
nginx
normalize.css
stud.com.ua/templates/agrid/css/ 		2 KB
964 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stud.com.ua/templates/agrid/css/normalize.css
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx /
Resource Hash
9ec0f64e5dbe89db69c74e916f36c0172a2d99ad6f6f2b22ca48e4493f2b3091

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
gzip
last-modified
Sat, 11 Apr 2020 15:13:34 GMT
server
nginx
etag
W/"5e91de9e-701"
content-type
text/css
cache-control
max-age=864000, max-age=864000
expires
Fri, 16 Dec 2022 02:54:38 GMT
agrid.css
stud.com.ua/templates/agrid/css/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stud.com.ua/templates/agrid/css/agrid.css?1665682626
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx /
Resource Hash
110f9df01faaf1c095e17387e051c04eaff94428f9603886ef807e24d9915819

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 17:37:06 GMT
server
nginx
etag
W/"63484cc2-2c87"
content-type
text/css
cache-control
max-age=864000, max-age=864000
expires
Fri, 16 Dec 2022 02:54:38 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9237573666471195
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e9b4a647a987ead08ff561bec2aacd7dc1773be8cf4fc656eeffb064c485792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Origin
https://stud.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49321
x-xss-protection
0
server
cafe
etag
10938384198058307083
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 02:54:38 GMT
logo.png
stud.com.ua/templates/agrid/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stud.com.ua/templates/agrid/images/logo.png
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx /
Resource Hash
a77ddd6e1f9a51be62ecf6fe0ac747f0e24420bb72cf4c1bc7421b7faddccf5c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
last-modified
Tue, 14 Apr 2020 16:14:55 GMT
server
nginx
etag
"5e95e17f-3b07"
content-type
image/png
cache-control
max-age=864000, max-age=864000
accept-ranges
bytes
content-length
15111
expires
Fri, 16 Dec 2022 02:54:38 GMT
chart
chart.googleapis.com/ 		818 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chart.googleapis.com/chart?cht=qr&chs=150x150&chl=https://stud.com.ua/
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GoogleChartAPI/1.0 /
Resource Hash
633fb954e4c608aff445328431b5b0e37bc4ee62c11c110793906913f1923561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 17:00:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 May 2018 18:35:04 GMT
server
GoogleChartAPI/1.0
age
35664
x-frame-options
ALLOWALL
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
818
x-xss-protection
1; mode=block
expires
Mon, 28 Nov 2022 13:40:46 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com.ua/coop/cse/brand?form=cse-search-box&lang=uk
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 06 Dec 2022 16:00:25 GMT

Redirect headers

date
Tue, 06 Dec 2022 02:53:16 GMT
x-content-type-options
nosniff
server
sffe
age
82
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Tue, 06 Dec 2022 03:23:16 GMT
share42.js
stud.com.ua/share/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stud.com.ua/share/share42.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx /
Resource Hash
6bc7ca08b6253d3467f7ac4b7038dc93fc1078af79cc2783b28175701ab9d44a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
gzip
last-modified
Thu, 22 Nov 2018 09:55:07 GMT
server
nginx
etag
W/"5bf67cfb-a2e"
content-type
application/javascript
cache-control
max-age=864000, max-age=864000
expires
Fri, 16 Dec 2022 02:54:38 GMT
print_adv.png
stud.com.ua/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stud.com.ua/images/print_adv.png
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx /
Resource Hash
563e2f1f30883d0d6f38af0a3ab53d70f4ad62ac986381da22770808dec525ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
last-modified
Tue, 22 Sep 2015 10:07:08 GMT
server
nginx
etag
"5601284c-340f"
content-type
image/png
cache-control
max-age=864000, max-age=864000
accept-ranges
bytes
content-length
13327
expires
Fri, 16 Dec 2022 02:54:38 GMT
min_adv2.gif
stud.com.ua/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stud.com.ua/images/min_adv2.gif
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx /
Resource Hash
379d12bc18d8f62fce29f2e976cc9a2f242cf5587489023a82877d465205bb2b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
last-modified
Tue, 22 Sep 2015 10:07:06 GMT
server
nginx
etag
"5601284a-3e47"
content-type
image/gif
cache-control
max-age=864000, max-age=864000
accept-ranges
bytes
content-length
15943
expires
Fri, 16 Dec 2022 02:54:38 GMT
zsu_help.png
stud.com.ua/images/ 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stud.com.ua/images/zsu_help.png
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx /
Resource Hash
f716e51a722e337c511181483abd9bc0d21b9b80a0ce1878949d691cf84fcbb2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
last-modified
Mon, 28 Mar 2022 13:22:15 GMT
server
nginx
etag
"6241b687-327fe"
content-type
image/png
cache-control
max-age=864000, max-age=864000
accept-ranges
bytes
content-length
206846
expires
Fri, 16 Dec 2022 02:54:38 GMT
studlancer_form.js
studlancer.net/images/chat/ 		254 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://studlancer.net/images/chat/studlancer_form.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.73.237 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.studlancer.net
Software
nginx /
Resource Hash
869802b0676ae800709c65ef9d689d7c2bc3693247ecae342431a8cb5caf4d23

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
gzip
last-modified
Fri, 09 Sep 2022 10:32:28 GMT
server
nginx
etag
W/"631b163c-3f691"
content-type
application/javascript
cache-control
max-age=864000, max-age=864000
expires
Fri, 16 Dec 2022 02:54:38 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
hb_307789_6902.js
player.adtcdn.com/prebidlink/452998/ 		345 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
330817c842894cde8706295a6763725fbcaa6fcc05d2387562167f47a6a0e229

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Dec 2022 19:06:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6388fb3e-56217"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hK6tMXhXNiLH2FBerIhlSka9Re5QFUyZBemqWBQWcdH0z1gI9a16Hbu%2BoDDL1wq5X%2FfNmpIVv%2F4scYmF99Q5r1fDZWu1MPNHp4O%2FutXsWbDiXeiv3Gow1QbIPdvQNfhDQ8Wl41Ze7JKQUrMpw9uI6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
7751bcf2ff96f3f7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 06 Dec 2022 03:09:38 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 01:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5398
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 06 Dec 2022 03:24:40 GMT
hb_307789_6902.js
player.adtelligent.com/prebidlink/463970/ 		345 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/463970/hb_307789_6902.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f7a9975c89da2095ad937d9364d109d420bceea133109453fca2251c2302a9e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Thu, 08 Dec 2022 02:54:38 GMT
date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 19:06:38 GMT
server
nginx
etag
W/"6388fb3e-56217"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
368efa57daae391de6f253828bf520217a86aa9f2e50d79a28e259fa746b769b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
server
sffe
etag
"1413 / 60 of 1000 / last-modified: 1670286137"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Dec 2022 02:54:38 GMT
wrapper_hb_307789_6902.js
player.adtelligent.com/prebidlink/463970/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/463970/wrapper_hb_307789_6902.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
9abd094046fa97cc586eb240ff157b0dac4061ae7e0f5149282c285c083e547b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Thu, 08 Dec 2022 02:54:38 GMT
date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 19:40:57 GMT
server
nginx
etag
W/"638e4949-6c4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
branding_overheader.png
stud.com.ua/templates/agrid/_adv/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stud.com.ua/templates/agrid/_adv/branding_overheader.png
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/templates/agrid/css/agrid.css?1665682626
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx /
Resource Hash
2a2e7a9db175f0bb293280acdeca9691ebdd13f07d4e4bbd5eae58296e38432e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/templates/agrid/css/agrid.css?1665682626
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
last-modified
Sun, 12 Apr 2020 22:12:36 GMT
server
nginx
etag
"5e939254-57e7"
content-type
image/png
cache-control
max-age=864000, max-age=864000
accept-ranges
bytes
content-length
22503
expires
Fri, 16 Dec 2022 02:54:38 GMT
collect
www.google-analytics.com/j/ 		2 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=147964406&t=pageview&_s=1&dl=https%3A%2F%2Fstud.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%9F%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D1%96%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1456032637&gjid=1113971000&cid=523528440.1670295279&tid=UA-160007486-1&_gid=1829369148.1670295279&_r=1&_slc=1&z=614903730
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stud.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 21:21:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Dec 2023 21:21:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		210 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=stud.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039916483235401902b27c593c789ecd8bb22e991c73bfc660bdabf5002d825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:38 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9237573666471195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21caab46139ba05fe6ce0d8f1fd2efa48c88a1936e6b0827688553e5407f667e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119785
x-xss-protection
0
server
cafe
etag
2800225039013582372
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 02:54:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/ Frame DB93 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9237573666471195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
75612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 05:54:26 GMT
etag
10353107486223812946
expires
Mon, 19 Dec 2022 05:54:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hbw_master_307789_6902.js
player.adtelligent.com/prebidlink/19332/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19332/hbw_master_307789_6902.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463970/wrapper_hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e9ada260b447ba1e84e66a87a192b0765334b8af90be2753d4f405a08b9062f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Thu, 08 Dec 2022 02:54:38 GMT
date
Tue, 06 Dec 2022 02:54:38 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 19:40:57 GMT
server
nginx
etag
W/"638e4949-20fd8"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
branding.png
www.google.com/cse/static/images/1x/uk/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/uk/branding.png
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 19:03:35 GMT
x-content-type-options
nosniff
age
546663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1500
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 29 Nov 2023 19:03:35 GMT
icons.png
stud.com.ua/share/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stud.com.ua/share/icons.png
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx /
Resource Hash
d690786187fce6782d9d8fd0cbf3bb49dd2859084aea2e4c4507df3637686ac0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
last-modified
Mon, 15 Oct 2018 13:17:56 GMT
server
nginx
etag
"5bc49384-dc8"
content-type
image/png
cache-control
max-age=864000, max-age=864000
accept-ranges
bytes
content-length
3528
expires
Fri, 16 Dec 2022 02:54:38 GMT
back_order.png
stud.com.ua/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stud.com.ua/images/back_order.png
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx /
Resource Hash
4676429835a2b8c9f18b8ac4f303fed85374c183999e7b6d3a0817b85bb56f0c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
last-modified
Tue, 22 Sep 2015 10:06:59 GMT
server
nginx
etag
"56012843-bde"
content-type
image/png
cache-control
max-age=864000, max-age=864000
accept-ranges
bytes
content-length
3038
expires
Fri, 16 Dec 2022 02:54:38 GMT
buttons_order.png
stud.com.ua/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stud.com.ua/images/buttons_order.png
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.ebrary.net
Software
nginx /
Resource Hash
31a92da3d2476f7a4b87e23ab4a82f0189b58af3491ad67be26dc0920e807b2b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
last-modified
Tue, 22 Sep 2015 10:07:01 GMT
server
nginx
etag
"56012845-203d"
content-type
image/png
cache-control
max-age=864000, max-age=864000
accept-ranges
bytes
content-length
8253
expires
Fri, 16 Dec 2022 02:54:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:38 GMT
config.json
player.adtelligent.com/exchange_rates/307733/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/307733/config.json?cb=https%3A%2F%2Fstud.com.ua%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
ce7fb2d22faa2608b32022842c0610c0e0ede1dca6a0bc387e3cbd7ff5a11dc9

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 08 Dec 2022 02:54:39 GMT
date
Tue, 06 Dec 2022 02:54:39 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 12:01:18 GMT
server
nginx
etag
W/"638ddd8e-84c"
content-type
application/json
access-control-allow-origin
https://stud.com.ua
cache-control
max-age=172800
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/ 		134 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19332/hbw_master_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d436caf347940b8f2326d6584f6b48e28eb889a964108ba508454bda21d0eb9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:38 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://stud.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
134
tracking
ghb.adtelligent.com/adunit/ 		43 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307789&site_id=6902&pbjsv=v6.25.3&full_page_url=https%3A%2F%2Fstud.com.ua%2F&adid=bmoll7.m6&features=81952&vpbv=N104&lifecycle_tte=1032
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19332/hbw_master_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:38 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://stud.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
cookie.js
partner.googleadservices.com/gampad/ 		389 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=stud.com.ua&callback=_gfp_s_&client=ca-pub-9237573666471195&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b7a55d31c58edc91b618db22eeb5c3ddd38f8eeef1b6293ff6f1b0869b5f4d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=stud.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=stud.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E5A1 		91 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9237573666471195&output=html&adk=1812271804&adf=3025194257&lmt=1670239863&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fstud.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278731&bpp=4&bdt=366&idt=232&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=247
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245a56e7545d72473f31970a8867fb776e465830ec7f01944b57d772cef319cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
37124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:39 GMT
expires
Tue, 06 Dec 2022 02:54:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 677A 		68 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1670239863&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278812&bpp=13&bdt=448&idt=185&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sejTXTl52I&p=https%3A//stud.com.ua&dtd=189
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
526f0ebd7eca1a05da46cbcf52542ed5a4e75db5d9ebc02c1deb41ff28ea6e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
22898
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:39 GMT
expires
Tue, 06 Dec 2022 02:54:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		524 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4274417511305150&correlator=752634370860523&eid=31070872%2C31071146&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=21931593928%2Cstud_rich&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=2017733276&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1670295279130&lmt=1670239863&dlt=1670295278365&idt=529&adxs=10&adys=3711&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstud.com.ua%2F&frm=20&vis=1&psz=1580x1200&msz=1x-1&fws=4&ohw=1580&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c217df682e84389bfebba75db4d349187c8ca65e584a6632ab49f270fd9836a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
269
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://stud.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 547B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:39 GMT
expires
Wed, 06 Dec 2023 02:54:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csyncs
ghb.adtelligent.com/ 		649 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=534736
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19332/hbw_master_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3a0b2e1ab74e77678860f9eda0f8b8583f323993a130fba6e8b7884ba4cdb58e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:38 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://stud.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
350
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://stud.com.ua
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		84 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
29a163bdd6790c25a63f815bece0e1b8351f612ccf54d2ba1f2486993f7ab199
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 02:54:39 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3c19d900-a154-4368-bd6c-526a43a89155
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://stud.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
s.seedtag.com/c/hb/ 		11 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
via
1.1 google
server
nginx
etag
W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hbjson
grid.bidswitch.net/ 		24 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.114.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-114-29.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3ce24d304f451f4d438a9e535c0ab6a9cfcc5169fd20afc575c4ceb53183918b

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://stud.com.ua
date
Tue, 06 Dec 2022 02:54:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
cdb
bidder.criteo.com/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.3&cb=44839648536
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://stud.com.ua
date
Tue, 06 Dec 2022 02:54:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
adjson
ads.betweendigital.com/ 		2 B
907 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://stud.com.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bid
ap.lijit.com/rtb/ 		95 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.3
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4c2e8d6ada53bb78aa93fb70c7f97b417c8207da98a04e65232446aacbaebded

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 02:54:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://stud.com.ua
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
/
ghb.adtelligent.com/v2/auction/ 		3 KB
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
da15f510f502b5bee7171f62d15bf0d730d0e7208878dcaba8a49046ea9a0242

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 02:54:38 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://stud.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
382
/
ghb1.adtelligent.com/v2/auction/ 		3 KB
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
c142d3dee1ddd5b3020b8961d5cf2b0c1568e0f447e723729f3bafcf7a566efa

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 02:54:38 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://stud.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
382
/
ghb2.adtelligent.com/v2/auction/ 		308 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
aec5b7cd6f949cb097623d6cd0d612eeab5cf127243fe8e38fc45fbed3e135f5

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 02:54:38 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://stud.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
248
translator
hbopenbid.pubmatic.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
510cc92c9706d90b39873aabcd643602d7c1ed822c40b21674d8af9f4303c095

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://stud.com.ua
date
Tue, 06 Dec 2022 02:54:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-type
application/json
prebid.1.2.aspx
inv-nets.admixer.net/ 		42 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 02:54:39 GMT
Server
nginx
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://stud.com.ua
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
prebid
prebid.media.net/rtb/ 		1 KB
930 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
48b7be819803ee77b1bcadee4873f8d3652847a882cc720ec820d0940d28a305

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:39 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://stud.com.ua
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 06 Dec 2022 02:54:39 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32ec879019a&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cddc22c7f3fdf44b4c915ce8e76379608f68d42131cf1e7e2e99064cb4762603

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a330cf42019d&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
50e006491908263a1a915879d5d9c36c68d21fee9554465c2258584838f313f2

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa3321bb70182&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
23b1c875f371daef0b9f9bdfe9997ed3c16db084d4704578af4dff2f78e50631

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa33273520183&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
08783766133e935f5f3816c51babb1872b73ab651b39d8467e4e07a395f1b3e1

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a332e3ea0191&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3582c08acae8ca98fa6c2c32f23664da518440da0770dd230f4349fe68fbb917

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a332a9f30190&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a9111dd41fc920dfd5aebd7218cc30f8efac27096b1d46c74ee76a5e1d4c3476

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32e52fc017f&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fcf8f7255753307157b5a6a381e0680ca30a519ad76e8f647f2b544b3a0883a4

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32ec879019a&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e19cd1cd41972db5e35d5bbdcd8615c347c2dd470dfca4cd004196c7b1314bd9

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a330cf42019d&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
243d0b527230de97fa908e3d04cb8bc93c355945103246f87b27a8b6f19241c7

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa3321bb70182&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7a3e651e92485e93f4cb99ab653e77098f191e126ecd53625f9b6d4a105cd8bf

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa33273520183&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d3dd3685331842ad913ea2622519536d9923104521a69e3e761fc2ee07e39fbc

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a332e3ea0191&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d72dc5366f3396ed9db2d11cee07244e9b7047965de411e0ec6550701fda7ce8

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a332a9f30190&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
caaac8fb1c6a45cdfc98562012cd8fd2e64ebb06703db87a0e0b1822bb4ebe13

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32e52fc017f&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b476acb11105bb172d81cd83566d4451a45d55a40b1a80fdc917e65953dcbe01

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32f6f7b018d&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f2b22d7a3bac942849bf1b95f37153c89359ef0ed36db6bdc986bd466b241816

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32f02410180&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2fcfc7e9d9cfb7a7e057d24ebd6ebf58da3a6c91ef1ecca4a1f78a1b9d1fc3f8

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32f3782018c&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
86a1d32586d12adfccd64c53812e62fbe1ba25b863de88a094435b97f7e308c7

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa33012730181&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
17f0c0e71ddf36b7e72d76bedd6602d50707393ac12f4ac6f001168291d7d8cd

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32fd91a019c&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3c49b237de4d3dff66290009c921d9fb77095d07602e0d26ab65d09e09e3dd43

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32e87c3018b&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b3d43c4ade06329f0ec442e30c4c920316f0cdca421891400174138598af1170

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32db4920198&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
180f97ae92555578e4a1f0aceedef3fee9af93c325cfcce6fb527bb69e21693a

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32d581d018a&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b2635f2f74dc0c033efb462cef995dbdb9472b7fcca5ab950f68317666710d4d

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32e1e740199&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4c122aec9e8f2d45f46ad4fa6dd058429cb92117ebcf7931c0087d75dea6903c

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32f02410180&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0a9c8f114c8d867e049cfe23ad83ac4bae5e3303add1022d81285ff8a05b389a

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32f3782018c&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5614f383999bd1b518afae26fa041f07b62de653c71f0caabe647c49f5ed0d35

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32fd91a019c&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
911951dafde82eca83f2c01a15ea627e1d22adcaea1c63f50c25df1ac6402971

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a332a9f30190&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ffdc72e2b5ce6cbbc34744a79cfea66c6f43ff17cbb0b32715e8817d8422f0a2

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32e52fc017f&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f6bb60443b7589ce36d7fe7df1b34f7111709ec8bbc2fb561d67d725664034fe

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa33012730181&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
59a961df1f804e5c86e064087c6d53ccb19bf0d65591d8348a2ef374c247bcd1

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32e87c3018b&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
294a13825c6fdba4c89bd38681a27ff9017d8660148a1fd21ff2276afb40a094

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32fd91a019c&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4ccdf5ce9975e6319b06f72cfe5404715c74320faf74cbfbcc02d96892a56f32

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32e87c3018b&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
96b54f02b75739e2e1f83b11936cdcd660367f39e54e7b188b601901d6a5fa5b

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32f02410180&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
63a735610915959bab3f33deadda8a7a32c533ab38c4388f9efde300dadbd0d9

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32f6f7b018d&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
af0946d3489dee20c73508718f3ebfbf97ddc6eab6a2dde4f6092be47f77961c

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa33012730181&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
729ee79459e1669a685373e2c43cdaf02c332b6e40f049eadb59a1ebe4051c65

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32f3782018c&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
86064919177e5221b92be4cfa7426ef2f85fc74d47948518e193724ec3d467b8

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32fd91a019c&cmd=bid&secure=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8dc0038f88ebe21a9a17b11aacbd45ff7e3dcb50747eef1fac99aa11bd915ed3

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stud.com.ua
access-control-allow-credentials
true
content-length
62
981e2a0ec1c40493e59b139b8db4f728.gif
cs.admanmedia.com/ Frame 19AC 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19332/hbw_master_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 06 Dec 2022 02:54:39 GMT
Server
nginx
Transfer-Encoding
chunked
getuid
eb2.3lift.com/ Frame 393E 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19332/hbw_master_307789_6902.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 06 Dec 2022 02:54:39 GMT
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2124036b-96da-4972-8392-e1ccef057a64
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2124036b-96da-4972-8392-e1ccef057a64
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:39 GMT
Server
Adtelligent
Etag
b32f63d83d400e12
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2124036b-96da-4972-8392-e1ccef057a64
date
Tue, 06 Dec 2022 02:54:39 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Dec 2022 02:54:39 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
6548e2693f53f59daa3961d0dd1d6f1f.js
www.gstatic.com/mysidia/ Frame 677A 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1670239863&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278812&bpp=13&bdt=448&idt=185&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sejTXTl52I&p=https%3A//stud.com.ua&dtd=189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71a8be1afe6e03fc91ef705cffaf7f3058159e8d86b7adb9d78a56cd7f18f577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4197
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 21:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 06 Mar 2023 01:48:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 677A 		2 KB
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1670239863&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278812&bpp=13&bdt=448&idt=185&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sejTXTl52I&p=https%3A//stud.com.ua&dtd=189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:45:58 GMT
c42ecac5b0a5717c99bf1e3a0e3a76fe.js
www.gstatic.com/mysidia/ Frame 677A 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c42ecac5b0a5717c99bf1e3a0e3a76fe.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1670239863&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278812&bpp=13&bdt=448&idt=185&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sejTXTl52I&p=https%3A//stud.com.ua&dtd=189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b6d42772cb994d3a02eb092408136bf7d30a301feddff6495fdab708242de62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:48:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9519
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 21:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 06 Mar 2023 01:48:39 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05db9a36ee28ba93f3fb2f1afd0933a093b8e193452b6a5e3400dcbe0c681537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52349
x-xss-protection
0
server
cafe
etag
5798257523372526526
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 02:54:39 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 677A 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1670239863&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278812&bpp=13&bdt=448&idt=185&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sejTXTl52I&p=https%3A//stud.com.ua&dtd=189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6067
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9421
x-xss-protection
0
server
cafe
etag
8437175705735068947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:13:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 677A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1670239863&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278812&bpp=13&bdt=448&idt=185&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sejTXTl52I&p=https%3A//stud.com.ua&dtd=189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6067
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:13:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 677A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1670239863&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278812&bpp=13&bdt=448&idt=185&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sejTXTl52I&p=https%3A//stud.com.ua&dtd=189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
4995
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:31:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 677A 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1670239863&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278812&bpp=13&bdt=448&idt=185&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sejTXTl52I&p=https%3A//stud.com.ua&dtd=189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 02:54:39 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=stud.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=stud.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/ Frame 2B8D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1701
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:26:18 GMT
etag
10353107486223812946
expires
Tue, 20 Dec 2022 02:26:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 677A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8xwY766OY9TmB9rj-gacrIfoDMeYyudtvfXvyt4Qq4n8p4oyEAEggrz4e2CVAqAB2bLcjQPIAQapAqKMPE-CEl0-qAMByAMCqgTKAU_QS4tf9YCeR_pc7oCLzmIN3RRMQNVfuI610mR6wLrZIgV6Z9JnWl5SGWii8tu_VMk__ZlcwemnX-5KJzVu6-V9NPxPhWcfZwRiSZPySJIBT3AuBzFSlicTXJ8bw-l6YTjI_A23hBrjzW32tmjYYG_ZL4v0nCwPw_eOz9OFkgIiV5CfViGJ6e25aaF8OBGrX3ch4dptnuDTy7JIENsIJVwXASfflpqetyTYRoxzzKBmdFM02IH9gfN_-Uq_AdOD35UdCAae7PU6Tp7ABIK6846fBKAGN4AHj82jcqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJzgAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTU2NTY3NDQ5MTY4NTA3MDMYAA&sigh=dz_iDLSNoZg&uach_m=[UACH]&cid=CAQSGwDq26N9v8X6f5DzKAsC2kJURo28mJwUMqxnwxgBIBM&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1670239863&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278812&bpp=13&bdt=448&idt=185&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sejTXTl52I&p=https%3A//stud.com.ua&dtd=189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1670239863&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670295278812&bpp=13&bdt=448&idt=185&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6950840404636&frm=20&pv=2&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44779076&oid=2&pvsid=4274417511305150&tmod=1882247898&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sejTXTl52I&p=https%3A//stud.com.ua&dtd=189
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Dec 2022 02:54:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:39 GMT
truncated
/ Frame 677A 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b3d41a0ca07e57928f7b0d8f118103dbae128b49f606d7b281c048f67a66af9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame AD75 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8dvX2gEwAQ&v=APEucNX-uLkZIZTdVoDsDRGLMqaKNZKYITQPjugE3NFrrCyoXaIsIbPgtGU4b2VI1pKYuTnfuZAnqAIj8XkKbApUC17z5mydw6zfBL2JyBWUu6wreTXpp0MNJSsUoF1rjB-33wIK00V5ym6Ci0LtI2G9FVKjH8XBiK72LRq2AjlVUm3DfjCrfs0
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:39 GMT
expires
Tue, 06 Dec 2022 02:54:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 263B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 10:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
60756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9421
x-xss-protection
0
server
cafe
etag
8437175705735068947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 10:02:03 GMT
9679402192842586692
s0.2mdn.net/simgad/ Frame 263B 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9679402192842586692
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eadcb1af465be5c65d5eb94eaa2ddb5b9148bfb9aeff3246bc75b6744646e0f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 15:13:18 GMT
x-content-type-options
nosniff
age
301281
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58494
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 09:33:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Dec 2023 15:13:18 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame 263B 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 10:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
60756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 10:02:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 263B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2dFLzgFnRfJi8V7thY2aGJTkV-l4PkWFc_hBAiqsLZQANTCOKl9knQNwgVxzkVXk3AkjthKW2bKsDYQ9e6h_t97xnYx5FLgQj_m3HEj5O5Pp8KRS_VeoBqVo34vJ1dxkOzElC__pLmkaf08JyKBjBPg-kTOKSVw5pEYto46d3FPIR2ku0u8RXBlEOPYW5Jmo7qYe_bECWtIB5bS-InHL6rZ9g0dIYDiDr4TZj6kmKlUvJNwHHkwfc1EzQQnJz-M4_u1MlHRG5oTMCBs9CF4GKPraeWuQk-PRu13uoHLgLu5r4YqusVflZN-AD9J8wYVA3S-a1xpJYo26LuUvzzMG3iuzHHzrLbCc8z6H_okoVBJbahbHhyJOAbPljRtzpellKKKIcJ_HGi7_X6XkKGAiErEnZFBy09fWB4Ec4qKzYKGdz2z4_m1g7Ik8mfyoeN_P_ZyIdiHWRGOMD7ixnVhEm6_PdWDMZ7ULO90k_bPhJ2VCtA45gVlNtQ4WFY3DLqmsPAPJcCAIeM0WZUvNKa2evNmz68M3tcNG69IAuQmChyaRFHS_HMDAWh_4K_-9hR4GfnKVpYllLoooStFStoX0V8eZcIL2BKovZCPGS__vXt-obUDsxES74ub40eJ0zfq1Fm_RxGIOZPEui2N5O0185BGPndf8ZSCbxaBjQdwRLAsXd89gFBDeOSsH9AW3KLUfMte-pu1lVT818xYPByACM93Tzz3z6KWbs-rgGPHVupWK2FEbiXVPCQHFt6mca9e-AN9Vz6ESOZSNZHnxVP3m1xGVCjg9UBYPVDR0deUpNj2z5ddexQZEiU3-ENJhlX_tRJoRCVdUrkLexyBSjCH6vCJlZUkjAN9DR3EeoeJYbAntGOtKqcJN5gyU-baa0xt8fH_4R3cKDW5ObqpiBXHNFWG6G6nSs3e9tlyDiwkZNe4q02h73Bf5VOg5F_jebdMFg6E82F-zjE82q00c4RJrujRXqbxju3jz6Xk2rV7lajIgxfpwOLLeLJHKqi8TvgyyRCU7gJ3ImvjgTjpfM_xm90uJeKyNAbL6frKG1n8p7_QWNjFqdIMqCApkY2gPpWSmPmDcQYg_bYeMGMG2gIqYSIEf6xHpEopU&sai=AMfl-YR1XV584y2JgcqWS14m9cLIM0UUYwcTcCFIIPotjBK2MzAw_ViOriF9Z-LfOH0aOB9oaePT_8EYZHLISWXsl424Fw2HEiPrt1hoMEsst_xR4YjM1e5trZ4EYuJn19iHas5sJgkwYo07T1waoW0UZJbfrY2evu_mqVmr9YVQDpHOA64ozQkvoOdtvVJX_ui72ojHLJdJaBOr2p1Qs5IbU7K5KNeFFjqzAmy5lDlo1Y847lfFCySnJg&sig=Cg0ArKJSzKsuuIYKEX3bEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221129.04082&arae=0&ftch=1&adurl=
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Dec 2022 02:54:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 263B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 15:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 15:32:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 263B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6067
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:13:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 263B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
4995
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:31:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 263B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 02:54:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 263B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AuLAs-gs_KZU-2HnQMPrsuGGPFVmO0QxufxIMMCbIWvdi_SrfvDjFumEA_LV5pqafoWcvoUtAtqQPtQLrv19EoDrVG8Pk7zZWU2zaI9uE1cN06CG8
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AD75
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUcgKHFuTcDB_OmB4pNdp4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUcgKHFuTcDB_OmB4pNdp4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8dvX2gEwAQ&v=APEucNX-uLkZIZTdVoDsDRGLMqaKNZKYITQPjugE3NFrrCyoXaIsIbPgtGU4b2VI1pKYuTnfuZAnqAIj8XkKbApUC17z5mydw6zfBL2JyBWUu6wreTXpp0MNJSsUoF1rjB-33wIK00V5ym6Ci0LtI2G9FVKjH8XBiK72LRq2AjlVUm3DfjCrfs0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUcgKHFuTcDB_OmB4pNdp4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AD75
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y46u8C0VMBR4MKxhzh7qkwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUcgKHFuTcDB_OmB4pNdp4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUcgKHFuTcDB_OmB4pNdp4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8dvX2gEwAQ&v=APEucNX-uLkZIZTdVoDsDRGLMqaKNZKYITQPjugE3NFrrCyoXaIsIbPgtGU4b2VI1pKYuTnfuZAnqAIj8XkKbApUC17z5mydw6zfBL2JyBWUu6wreTXpp0MNJSsUoF1rjB-33wIK00V5ym6Ci0LtI2G9FVKjH8XBiK72LRq2AjlVUm3DfjCrfs0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUcgKHFuTcDB_OmB4pNdp4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AD75
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPm2l03CpG2w_vYn5Tc8NN4&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPm2l03CpG2w_vYn5Tc8NN4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8dvX2gEwAQ&v=APEucNX-uLkZIZTdVoDsDRGLMqaKNZKYITQPjugE3NFrrCyoXaIsIbPgtGU4b2VI1pKYuTnfuZAnqAIj8XkKbApUC17z5mydw6zfBL2JyBWUu6wreTXpp0MNJSsUoF1rjB-33wIK00V5ym6Ci0LtI2G9FVKjH8XBiK72LRq2AjlVUm3DfjCrfs0
Protocol
HTTP/1.1
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:40 GMT
AN-X-Request-Uuid
96db948d-96b5-4dd1-9813-215f56282074
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPm2l03CpG2w_vYn5Tc8NN4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AD75
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE0ODM0NzA3MDQ5ODcxNzkyMA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE0ODM0NzA3MDQ5ODcxNzkyMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8dvX2gEwAQ&v=APEucNX-uLkZIZTdVoDsDRGLMqaKNZKYITQPjugE3NFrrCyoXaIsIbPgtGU4b2VI1pKYuTnfuZAnqAIj8XkKbApUC17z5mydw6zfBL2JyBWUu6wreTXpp0MNJSsUoF1rjB-33wIK00V5ym6Ci0LtI2G9FVKjH8XBiK72LRq2AjlVUm3DfjCrfs0
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:39 GMT
AN-X-Request-Uuid
3b35056c-0871-423f-9e3b-dcc9fab61641
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE0ODM0NzA3MDQ5ODcxNzkyMA%3D%3D
Connection
keep-alive
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 263B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8970d033a3bcda6a0b09faf9257b7248067b43009c6e8fa6ccbcc4584d2da5df

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EB0B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
40916
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 15:32:44 GMT
expires
Tue, 05 Dec 2023 15:32:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 263B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2dFLzgFnRfJi8V7thY2aGJTkV-l4PkWFc_hBAiqsLZQANTCOKl9knQNwgVxzkVXk3AkjthKW2bKsDYQ9e6h_t97xnYx5FLgQj_m3HEj5O5Pp8KRS_VeoBqVo34vJ1dxkOzElC__pLmkaf08JyKBjBPg-kTOKSVw5pEYto46d3FPIR2ku0u8RXBlEOPYW5Jmo7qYe_bECWtIB5bS-InHL6rZ9g0dIYDiDr4TZj6kmKlUvJNwHHkwfc1EzQQnJz-M4_u1MlHRG5oTMCBs9CF4GKPraeWuQk-PRu13uoHLgLu5r4YqusVflZN-AD9J8wYVA3S-a1xpJYo26LuUvzzMG3iuzHHzrLbCc8z6H_okoVBJbahbHhyJOAbPljRtzpellKKKIcJ_HGi7_X6XkKGAiErEnZFBy09fWB4Ec4qKzYKGdz2z4_m1g7Ik8mfyoeN_P_ZyIdiHWRGOMD7ixnVhEm6_PdWDMZ7ULO90k_bPhJ2VCtA45gVlNtQ4WFY3DLqmsPAPJcCAIeM0WZUvNKa2evNmz68M3tcNG69IAuQmChyaRFHS_HMDAWh_4K_-9hR4GfnKVpYllLoooStFStoX0V8eZcIL2BKovZCPGS__vXt-obUDsxES74ub40eJ0zfq1Fm_RxGIOZPEui2N5O0185BGPndf8ZSCbxaBjQdwRLAsXd89gFBDeOSsH9AW3KLUfMte-pu1lVT818xYPByACM93Tzz3z6KWbs-rgGPHVupWK2FEbiXVPCQHFt6mca9e-AN9Vz6ESOZSNZHnxVP3m1xGVCjg9UBYPVDR0deUpNj2z5ddexQZEiU3-ENJhlX_tRJoRCVdUrkLexyBSjCH6vCJlZUkjAN9DR3EeoeJYbAntGOtKqcJN5gyU-baa0xt8fH_4R3cKDW5ObqpiBXHNFWG6G6nSs3e9tlyDiwkZNe4q02h73Bf5VOg5F_jebdMFg6E82F-zjE82q00c4RJrujRXqbxju3jz6Xk2rV7lajIgxfpwOLLeLJHKqi8TvgyyRCU7gJ3ImvjgTjpfM_xm90uJeKyNAbL6frKG1n8p7_QWNjFqdIMqCApkY2gPpWSmPmDcQYg_bYeMGMG2gIqYSIEf6xHpEopU&sai=AMfl-YR1XV584y2JgcqWS14m9cLIM0UUYwcTcCFIIPotjBK2MzAw_ViOriF9Z-LfOH0aOB9oaePT_8EYZHLISWXsl424Fw2HEiPrt1hoMEsst_xR4YjM1e5trZ4EYuJn19iHas5sJgkwYo07T1waoW0UZJbfrY2evu_mqVmr9YVQDpHOA64ozQkvoOdtvVJX_ui72ojHLJdJaBOr2p1Qs5IbU7K5KNeFFjqzAmy5lDlo1Y847lfFCySnJg&sig=Cg0ArKJSzKsuuIYKEX3bEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=303&vt=11&dtpt=302&dett=2&cstd=0&cisv=r20221129.04082&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:40 GMT
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame EB0B 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 07:04:19 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19332/hbw_master_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://stud.com.ua
Date
Tue, 06 Dec 2022 02:54:39 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB0B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsF3A766OY5bwB9DigQefrLXgBwAAAAA4AeAEAg&bg=!BQalBkLNAAa7eOFIm3g7ACkAdvg8WrTAets_xqUoZvdPqAxamiDqRjIvhQkd6lKNmjSu03mK3c0MBQIAAABFUgAAAAJoAQeZAupojZm4TANvc_OHDd7la5N1jAo3vwA5GWblF91nsLczzeF873evuNQ20wt-_A9mTmU515M9CJMuveQvxAUxNNc05FmvukHfz30lbfPA64Qbe2yu76ZKdsx3VbMXJDsXwkwajKpI7QZLHd8DKLO9uOwyA04_enZXaoP8QCbmEpWL5oW6xIA0XrWDmrAVhxYg-gD3g7UiugMhQ_VwFTRINtXW5r8t1t_i-9UbTaz7JOumA9Rr72jQ1nICxLjERKhGaJW9Zy1AEeMdaw21xNcDY8q5SxhEhKbKEoqlk1hQXfzINkuNOd0DW_yacYegSrRo_f_k7IdGXAtk6qCgHDoAjLXMk_colekUJ85usmvDWhT3r8uh9xufoEoGX7DuyLh8h5Bms2BfO8kBt_HBgppZnqs9NkjZ3bc9TFXiRJvYznXHbtaBvpD-WfShe5aa-wnPOZhBK2WV5lIwrcvnbxnm3YIvUbBLnq2hLQohwnzm0gVIk1wCdoyrIVnpLK_lKWaXwNqvldezwCVVkVyf8gT1N7QHx4qeYQCR-p9_lnSqLXe6R2bg72UiO9WbmsZ6d_dELEKDQFSmOS2RQaH5acZLaNp7QK2CJKwCGP9VdsQaADG8q_Z0UoWJB3xS7vwUoZmAFrsLyvjnCc4ahZJHbCIx6i46yYIxFcQywVjAfS2KlwHbFvKlOVZSxVYhBPzHg1T1xgcgQ7t97FOyllkDDhIdtOL2XnBPDlA-KzaQYLldnoAqyQsM0oAS7RguMHc59uJ8ALFQuFj5oPnPi1Ci82AgXh_tmUR7dqighzhE_G2sONSInbad8dBtiqKFe3pG7oTMHlJe1oc7cgsVu4BfUyLHbklh8Cwdb19M2cpD9vGQO6I6LI6sjxxElplfugBvAscTc4hKzwkj3gKRYSNew801z0YS-60yS7TPuQhONL4PmloLsyoc14bse1-1sFeza5uZKLQID80Bc7Q2OMa7bVYxRfX5eOzWBTYBUiG2Lw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
support_protected.png
studlancer.net/images/chat/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://studlancer.net/images/chat/support_protected.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.73.237 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mx.studlancer.net
Software
nginx /
Resource Hash
c02693930661ec36a19ffd13fa984ddd5aeed9caa1cb3082efbf066b704fb389

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:40 GMT
last-modified
Thu, 16 Apr 2020 11:51:05 GMT
server
nginx
etag
"5e9846a9-2db8"
content-type
image/png
cache-control
max-age=864000, max-age=864000
accept-ranges
bytes
content-length
11704
expires
Fri, 16 Dec 2022 02:54:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01803763e527c47fc3187927f42ff54845d70372c5d69c39572ee55bbc7ec799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=stud.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=stud.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		170 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4274417511305150&correlator=813269883017320&eid=31070872%2C31071146&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=21931593928%2Cstud_970x90%2Cstud_970x90_btm%2Cstud_300x600%2Cstud_300x600_sticky%2Cstud_336x280_right%2Cstud_300x600_right&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%7C468x60%2C728x90%7C468x60%2C300x600%7C160x600%7C120x600%7C300x250%7C250x250%7C200x200%2C300x600%7C160x600%7C120x600%7C300x250%7C250x250%7C200x200%2C300x250%7C250x250%7C200x200%2C300x600%7C160x600%7C120x600%7C300x250%7C250x250%7C200x200&ifi=5&adks=2356313963%2C3948463034%2C871671332%2C2528135921%2C3365877365%2C3893891016&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D2d26b261fc1b7c0a%3AT%3D1670295279%3AS%3DALNI_MZP3mTGh0Jt7ulD-efw-JoEoJ5AYA&gpic=UID%3D00000b8e70637430%3AT%3D1670295279%3ART%3D1670295279%3AS%3DALNI_MbWv7_MM4UV4lr1j2dXSJCIC8jvAg&abxe=1&dt=1670295280372&lmt=1670239863&dlt=1670295278365&idt=529&adxs=10%2C333%2C10%2C10%2C1260%2C1260&adys=10%2C3659%2C204%2C565%2C592%2C1216&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2%7C0%7C0%7C0%7C3&ucis=2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstud.com.ua%2F&frm=20&vis=1&psz=1580x0%7C926x3372%7C300x0%7C300x200%7C330x3468%7C330x3468&msz=1580x0%7C904x0%7C300x0%7C300x200%7C330x0%7C330x0&fws=4%2C4%2C4%2C516%2C4%2C4&ohw=1580%2C1580%2C1580%2C1580%2C1580%2C1580&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=523528440.1670295279&ga_sid=1670295279&ga_hid=147964406&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b7f1cc2602aa55158b1f9a4407c166eae580c0262fafa0eb1f3581c83b68860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46938
x-xss-protection
0
google-lineitem-id
5822238697,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138369551698,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://stud.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 02:54:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 236C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
21362
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 20:58:38 GMT
expires
Tue, 05 Dec 2023 20:58:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 74D0 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c7ca2cfa0db1a04fa539b48dffeeba6c580e124d10c5bf0702f96e38cbe63a41
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ys9ZwHiDnGjXz9WvsOIMDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ys9ZwHiDnGjXz9WvsOIMDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:40 GMT
expires
Tue, 06 Dec 2022 02:54:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 677A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbOCpeFCn0B4kg-CeBGyEQvci12cQd-aUTJihXrduPHZbcIJiW5348UpE3_eZw8uopsqbbSG7URscV7O1Olc5MofpUX4N6Z7tg85_gs0g09X1eQwNcYHZX-UlFqk96ITo9lI8A9OF7UByJ5tHRvkOLAA8U3C5_UafDJdP4hLtVqIMIrfWaA_vJaOAkIMXbtgX0sMhmExs4hBjhZgXQDaTwhhDJNyyvmgZdePWLPKbz7racFqqSSSqNJq5-QEZfi-_9U1M3eoMgmfD97vyuyWhHVLBLyRtuLJxB7bgPTeCsdkwGY_IM9J87FK_lG0PPY-Qal_AFHQfFBE6eCE42TAHX-XV6-8kXN4auPSU-eEEekPE_TjrWfI5rsEXf_Drk7l2YSPuANRVst6W0wbOtpHLpiw7z83eXAtchx8ktAxsT42lQpEvH35kFCVOA5NlICTXC1ExUBFk2nVS6zde-k-LLVRycRNHgENxGeLGXqnDE5RDac9oqIkkzN2UvfjP_LKOPGbOmHNf2xESfZ_p_XNw_w6mbW3FKKt6zu0iAidw0CNu8_reT6GoKj7aNIatL6qvbXFwQWN9aBYDTkgcjlEss_Ssn6eJjUYsgtqFMjfZv8ZhhaJvQ8fdFd88nDJ36ATkqkT7LvcFZHZSw8qAb8_fS3QCQX2s3lKFFL-GMflxgLFQI1CgLyp_eNMz0sZNAM9sdxGW2PF7Qy5LLs1IaMgczfDNZMIk0hABS52oIPpnlXslCMMCZgHMvoaQUVNWH1lpq4Xv7dvreaYwdTbKp7yP2xXLg-XSYhZcfjmgxqYsiR5hrzn6SvemLZ4kS79E2n6ZOaKWtRPLclcqlIprxTZFSGfZofD9vBD9F-kFj9tA3kXBaXA3j6Gt5SNquL_fnRcNmuTnz-C4HsjBgJGU1LwNz6Xwj6RN3AoOb6D95jX0&sai=AMfl-YRru-VKWT0nMfjr6_0a7xEPzDzGwnLyoaeRdKgKpK-PN1LYEO6Gmfk4FTOwHuN967lMvu-RICsz3aMgIU_MCUYKfBDNPHlsuZx8&sig=Cg0ArKJSzPrHog6A8kYFEAE&cid=CAQSGwDq26N9v8X6f5DzKAsC2kJURo28mJwUMqxnwxgBIBM&id=lidar2&mcvt=1000&p=0,0,624,330&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=22&adk=154644959&rs=2&la=0&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670295279002&rpt=805&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame 236C 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 07:04:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8629 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5LoR4xcEfBYEk8oOcjbEKc3GaYJ9aamre0hVrxFGxnvMyg5ZoYGwQNqC1WGXw01NUubxoI2i42wpM9TGKMTecXY_PF7xbfHt0McvkihMt0s5DeQZybEvfE3cUroYHITjbj27lIjwyGt5xfIeXP99dw4SaIneUxJG2H1xp3_GxLVE4W3IWI0ifu8L-9R3Yc-AGs0GiY4Q3D3P-Fr94rPLJnt6puKuDNY23rfOYtO8VN7F8MsvC3OGt8JqJurJJx8G0zytkNGAB5He0Vj8ZxQwU3vRi12FgqudLy1t1UWngNJUHFXUK9XrnSzML3tO4&sai=AMfl-YTa8y7pGxaHTs5SfPOXo7eZRLhOOzVk2JsloRRHGUdM6qL16yzanwKWGepkgAtBOHVmGFCr_hOXkF2nzk8pL79coBfKKSxKHt9SPrvtDZM2FjMX3mNcgdEFO9J-BX9H&sig=Cg0ArKJSzPkWbWOCxd_-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
prebid-loader2.aspx
prebid-inv-eu.admixer.net/ Frame 8629 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=f76fdb73-e4ab-4c16-a66d-6b3204ded61b
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
2a6c5531a4cc2f59008e50b5c9f753eb0e8306ee8aedabd39f3170c21d4ccab3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
Transfer-Encoding
chunked
Content-Type
application/javascript
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8629 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 02:54:40 GMT
container.html
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 46E7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:39 GMT
expires
Wed, 06 Dec 2023 02:54:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A2BC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:39 GMT
expires
Wed, 06 Dec 2023 02:54:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B2B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:39 GMT
expires
Wed, 06 Dec 2023 02:54:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C17 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:39 GMT
expires
Wed, 06 Dec 2023 02:54:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 19E3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:39 GMT
expires
Wed, 06 Dec 2023 02:54:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 236C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mO69jQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 74D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221129&jk=4274417511305150&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
prebidcdn.js
cdn.admixer.net/prebidcdn/ Frame 8629 		214 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=2015136538-
Requested by
Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=f76fdb73-e4ab-4c16-a66d-6b3204ded61b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b353cd7f22b22d1880bad88087ce835ed56af66c24d95ef6963977a3dc24b347

Request headers

Referer
https://stud.com.ua/
Origin
https://stud.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc12
date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
last-modified
Fri, 25 Nov 2022 12:37:50 GMT
server
nginx
etag
W/"6380b71e-35759"
vary
Accept-Encoding
x-cached-since
2022-11-28T01:51:44+00:00
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
content-range
cache-control
max-age=31622400
cache
HIT
expires
Wed, 29 Nov 2023 01:51:44 GMT
load-gpt.js
cdn.admixer.net/scripts/ Frame 8629 		561 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts/load-gpt.js
Requested by
Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=f76fdb73-e4ab-4c16-a66d-6b3204ded61b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 12:25:34 GMT
server
nginx
etag
W/"61e5603e-231"
vary
Accept-Encoding
x-cached-since
2022-12-05T04:25:17+00:00
content-type
application/javascript
access-control-expose-headers
content-range
cache-control
max-age=31622400
access-control-allow-credentials
true
cache
HIT
expires
Wed, 06 Dec 2023 04:25:17 GMT
truncated
/ Frame 8629 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1761ffcd267b14b9a9d3ae95e34958fea41fd067f2a59c800171a32965f4c72

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6464 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGOG1l9sBMAE&v=APEucNXFWu5ls6_84Ic1nguh-rhfkukqEXcClJXky1Cc3iR2R1LuhXjGZz_uWgGkTti7vEvxzYk1L1ZqDF2jSkv1RH3gnQ_DvwX6PC28uhUZCtVPTMZJAXNkgH_8YmAGbsqVGl3WEQJy2TIJfUBse3ZuxMMcbPEyRs7rUl-VSVWJCgBR7iEb0wc
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B2B6 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27387
x-xss-protection
0
server
cafe
etag
15442950961169408521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 02:54:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2B6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhOQBj4ske8CYYfuxPS2DxqAHP0rOxGL5KRgGExnYZZCXUzCEcWHgJIehnEyoCWFR2LcCBV2R3jtjq9jwg-1sKweLJoKCTd7a70FFKO_KmTBbgqws
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2B6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8119915948126591309&x=1&ct=77
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame B2B6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=198000&plc=6985913&sid=18330&dvregion=0&unit=300x600
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:55:21 GMT
Server
Microsoft-IIS/10.0
ETag
"42b02eb945ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame B2B6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:13:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame B2B6 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
4997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:31:24 GMT
l
www.google.com/ads/measurement/ Frame B2B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaBHLdmqgcPuLTZA3qM8YEh6L7GTQgvd1K4-SwXbO68yCWYdxY9WdbeBIZF8L7m4hhVeGFy2BEfSDEvHPCaw3uIORD4w
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B2B6 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 02:54:41 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame B2B6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9421
x-xss-protection
0
server
cafe
etag
8437175705735068947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:13:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2B6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=8119915948126591309&x=1&ct=77&dl=0&ds=0
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BA48 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNXbCZqgTD-XilKu-wqeT7weibLDsRHUbjp7G5NTrCdHBjBdpfTmkaFMnMh5NskuRjmmUaMLaTpXQdkLl6-KiZ0R6E1voBxgCCRziSsD5C0uDUe-6g0l_qDH4XONHPPfhLGdmXpIokU-WDKSc3q2VR6cRnX3Xeh7vSe0NjC-yRRjQo6bZn4
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8C17 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27387
x-xss-protection
0
server
cafe
etag
15442950961169408521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 02:54:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C17 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CUt007-xILn7lo_B3_v6jc0rDHytXDllm_kcjejOIlgCWL-Go8soUtvNwiRyi6yM3-cfiL9oAeUcHGNQg7g8yUVUvdspBeh2Q5MOg6_PPVWY7yiv8
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C17 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17034531157143050342&x=1&ct=76
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 8C17 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:13:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 8C17 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
4997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:31:24 GMT
l
www.google.com/ads/measurement/ Frame 8C17 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1S2wFKD0NpF_D_t_e9f0c4LWePUs1RbO05N3l0p7S8rQR1hcqMBLy86T04leHAcMCnoliFGEkjtbasuQ2IH4LqvGVIQ
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8C17 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 02:54:41 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 8C17 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9421
x-xss-protection
0
server
cafe
etag
8437175705735068947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:13:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C17 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=17034531157143050342&x=1&ct=76&dl=0&ds=0
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B2A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDhJe8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTmAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXgF37yhKQVAYDj5a3X2nsVAlrqaDpwmJLXXWqdiTaPirXOBdn_Q24AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NjU2NzQ0OTE2ODUwNzAzGOOCdg&sigh=Z60YsTDnuCs&uach_m=[UACH]&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame B2A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h5sevzfrpfsjh9m30amhrakha2e623knng8xcstp3zmcz0arysk30e74p72phq0bge7ettm1r3htec91trcje44kmg93w53913nds9q2ckmxp9thfcn3hjsr73s3xsk2ns2jrkbe7vjv8761wwcwk05kaqknq0yqf5wnws0efj3rvpm0xc96mzn8r7we52fdgqwkmm9qacdc117pnma01xvyje9wmcdwe2fxfv36f1wpwaarzc3z5crxb93p3qpxd8vb6bwb8av4s7b7enkmnapd0xyff74rbgbms18fvgcjmy7xsxmjphtgef6vq68q7d0je3axtprfz7wzrvf3xp5cxpfxk6yk8rs3mx8a6jxpvwxa5j3t6dv33v6t3cq0d0p85bj67nfq6g&b=Y46u8AAG4g0H_aADAAWdCiFeYBZOlE_NfpmL8w
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 02:54:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 278E 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hzwwv91wa69x5ycwsmpjf1k80xxq20hz1vf3cv5tgb02yh8wq70h471kwdnec2ms76s9kwm2yyjbx113f4cxwvtmznn5yp1y0v8ffy72kn6f26bshcp1nrgfsavyx8kvs45vsqphmva9nzdahd2d659xfjznfbfd0yj2t4k4rbfsphatd5ydb4vxv0f5ysnpwyd0wezpxbcsafp6qncjbqr8n8x6rcwwdy9gqb44tbptq53ac0pxnbmkgp4xc4przn8cxrkhd6efgn7qz3577b0dj9g0r11fgyb16hbak92xtw182410xgb01bcxpfcznc95h6tz35z6fbnwzv60t24zrme5nb3hp887t1528041cds7ggqp349vt8h24t2aqkftkp7q0byy12w5sfa9ry54k96x0gz73qa31hbd9g8cfybrw8sywptaafgzkjpbrg2n7h6yr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%26client%3Dca-pub-5656744916850703%26adurl%3D
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64b6b8aea42f30559b3ecca157e2a38ad0e362007f152efac362bff5aa7652be
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7751bd03c81223d3-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:41 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame B2A9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:13:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D795 		1 KB
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
58235
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 10:44:06 GMT
etag
48472445140208031
expires
Tue, 06 Dec 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame B2A9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
4997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:31:24 GMT
l
www.google.com/ads/measurement/ Frame B2A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWcktT64E5ZnKPvmTLOciJOkTVJSKU2ZbT5ij0-qytfWpTCGjZONh77ZWEYNCLGsbd_aXlEIrcavOzufh3c6zSkKyyQw
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B2A9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 15:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
40917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Dec 2023 15:32:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B2A9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 02:54:41 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A8D0 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGOG1l9sBMAE&v=APEucNUNnR0whksBulEUZ_tyN1SQjb4ZWq_Ly_spPOeoFBwyb2tBDhrawL7iJecsqYS_qjwqxkFuqIHa_6zRoZCK-YXzZzlVbh-9mSoEe-2UfzC5RLsX_OPQsHRV-wO7TLw4GJWmPbknvzO2gK1-z-RjTcvgy7d1thLCReMjdeGh11J9ySQAIRQ
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A2BC 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27387
x-xss-protection
0
server
cafe
etag
15442950961169408521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 02:54:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2BC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAGC7jFM8HyXp3IkOnUcbiMuQPfgwF9a5dxPk0Pi6iLC3udZ14Xg789d4iu5g6OQV4CI_N9ZCE3baP-jcvMsGJ9I6gMUD3iPnmQaIRSxPN8DIblAc
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2BC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13838816206504473058&x=1&ct=77
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame A2BC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=198000&plc=6985913&sid=18330&dvregion=0&unit=300x600
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:55:21 GMT
Server
Microsoft-IIS/10.0
ETag
"42b02eb945ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame A2BC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:13:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame A2BC 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
4997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:31:24 GMT
l
www.google.com/ads/measurement/ Frame A2BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDXihRkvjUMy-0KJLOYI8lIupGDfR2PTytZz2vKhvU2s5JnLmyLgtQqXZqKI99MCMWG-DVB7Qhjb4g9bKHDUS40UvUXQ
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A2BC 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 02:54:41 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame A2BC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9421
x-xss-protection
0
server
cafe
etag
8437175705735068947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:13:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2BC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=13838816206504473058&x=1&ct=77&dl=0&ds=0
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3E2D 		398 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOuOtqEDGMzZ5tQBMAE&v=APEucNU_LjVcPUYbTmSgR9MOJ9KRSUjBKhqPR6bp2Mece9yp1wNnpteXctei1I81xii0blFqqOFLmrEvKAAxu24YfnZY7TsN69Vaza2kDFd8U-PpIeBXrsg6hNWnGEFxxYEBK7ir2Nd7-fWADYT1fubEpGWfg9ap1CVW2XQy16pNwNHdrJ7SH84
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 46E7 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5TffcG0ZiTnUeDvTTvghjCvezFILygqCI0ZspCjG5egQuXqBub7YRSZfDlc2g0qiofOBBmN_DvNhYlSmKGrXjiW2xGJblNUbmEqJxBNrNDN7_2eptkJyKkZiZM0buFT5or3l6_I9ytSUI4aZC0GjG47x4i8p36rqH8pgMH-hVRQrSFgg&dbm_d=AKAmf-CIuEltSKM7I2MNmFZbdHmzHzmNIpgu3Ed7pyHZ_FQhgNaS0UJrSbA2GtKHct96RviwPZrZRxCDCHZVF2tXmfLNTpEjZFibNLYF4UCy_Um6mNkLbv1zs-g-GEZ4tpe7-hcNWaa_ly0zRsNfoy-89lQbSW0doGfUcP00P1UWotPLbIJdqI5It_YWgHH4_8WPDb1pylmsjXopGJjvFAfAGTdBB99gjOmAEUR02rN12CH07y7iTzzdGanznB6ZrzyhpN-RQ5Kt_HqFnx-DbLWuDgvCjnOzsDI_LUN7PVKCHhqkID_CSe3ylsUowy3E2oj-3b-8NyJsU1dYbzEOOIIL2DpxlM82kVj2s-wzBJZ_Pn4rYx4F5ZF4yBCSGxW7hL9HFZUdKsolOF7dG32Cp1ev5lclxfPhC84fbnoCErtjSIdYdhm_A9U6TOfiS8Gdwb5VPb24Um3Ho669JUYIOiPqRYO33bAi8tV7CN0KJXgn84dyhQJSnmqiNDICJ-tz9yl_lKSS7Pw_jGG3svNAa4Cu1cgptrcOwXxUbFyIqPM8-8Pc1y2U19UNrZChZYlt9E8hPpf5H9euSMDSpBungZGENLR_sTVIR8hScYWi1QGeeGgCigwNNHgk5RbmMtHQMNCVsJpS5y63SqD8BBf5ShVzwECwDUiOVg3Vxw3LODZpKGMob0C6PP3erlya0jU1Tj3s_7bZqI4fvSQhKzt3xsnzOjOst-BWkO2h5GVCNjSm6bPKJ94m3sua3vMfPy8v8iH16FaKrTBLyHiD29IalUA_CFv8QlEnGf1SMvOd4iTxYgt6v3Z0Qfgd_nS0IVQiRnFE17I8KnYDeNz6lPHNkNwewi2QbAmoDO41SjUmED5zkPJU8Tx_WKwrIVpKfoKjV1Pw7SWwXwT5OSUvzDZTmgpo8UyQ-yFNH_McrGsytrvjiBE7yd0pT9Ode8GhxTiMGLgliojtMwTAFUWBqQInkXTAwl2hiFO6rI-L-bnIAbODcUVHv1DQZ7hAPHj3mM07dFnwrvKAwei3V8EAKISwuwTX2XSrycPTfkTkqFPovd2MbC8Zum7-XwrFXncSlCND6EpO6EZRSgd7q4SZZh9rdBRwSzfEI7V4Xmb0Uh4Go0h8pj1TLkBXj0yuptq_ZDLKkp8M9aHfVuMgwvLDCBpOOU74sPFKS9_V2ekI25C8TbUA2I9mA6tBaZ4kPPDNiz0fEomqcL-UQErDCVm16pqvLD4NxGDWfix9qqeJGgIRxDxwN4wLsjRnMj4VRcXkbqMgH8jYhsi5sFJhL5ABR24ZZfnzYHPJa9z4-N6g6wrs-IVaR2_bbOTrUu3EULPbUQyZPV9b55mUdrmvQ9TkgkVVlAfNcWbjgiTWHYq4ynF6cssNBpcXFjkho-p1K1FPHyebZwF6astLJcmOUt_Pyqd_mTJOExBUpsZCkNUkIWp6VdLWKbZ4cgCK01vM-yaboflEWp8SXe_XcBEOSL9-iwK2jtstvlc_b5ymxO8hm877ge7pYxorOOnEiTEgENbpTEHndOQow7ROJQs2Zw2lgocnfCBTe_-o_qUi5sM7yBALW9vLltB0L_dFSthrt7JKk03BDHphp-jLYvYWO6aVGyAdDvEhqOZA5XSrHv85S0z5YNuuyGDASI1-xCnFnqJyIjrQ1wd9PpOwbR4Ij7sh2WrcAUeOQ1ZpIZtaTICuBSggjQwowuVWYUOs3pJvHi8GehORMsoBDhhVUUGL_ZXgrm55hFvI-_71_C95RLl1lZw7ducqiqKG38wmMAblR6AO8agrrtzkuDvzTQe349YRHl10J9D0QzR0VK-q9tPe7CxcbIEFum49xEOTNj2DXk2Nz7oyMWn0GUj0CK1tDh7RgQZ9gUft_XgRoZYp3cTPX5v9Q1zd1wjWmQhDPUcCZb2rwzPZWZbVNph6bblCd_ON3HoXHoWtUg1Uj_haJAgy6y016J0qz6n-oFfyrYpPwK7SOLDZ2eFP1ZEnu19mqpkZ1XVD1wo8uMHVoYoub4JbOByJ2VFYlgL6viTlu8S9p1Dik5PFXZw5P29VvczYy0DYdFuzu2xpnzsgA7Aw5wObxIBzfunuWiirWjCVcUygq9dnIEyn10shZtxeRKJhqlI0cKSFDTqCQIDsExncQ4DjKVbevlYcPh6lgPgcbzz4gsr0oLZfJngNVHaBvuqYgwKBwkZXxUttHGbNVjdk98AlqvwCj2CuDfv0-5ZpJNax-ZrkQL5llT1xA3OfVV2Gs2T5yXAVI9g2jxtV-FBdFNNLX95eoJ2XSI1kDNkNSUzOVAmfh54mUjZ4Y5wbB_zQcbTjR8aiSw-3H6jg6K5yR-ozlYdYSbXmVGVKpbDEwuLjtVEcdf1s9yYAMHdZnp-cn-z_lhJ6xsd-AGzP8WT4MmRxobN1-R891BsUKV9dna5wvDmNuQVzkOq5O5Ag4i151P45VzK4b7gSXq1o4ib7CGTv-19-0Gy1szFwqGnxrgzUXdAgFJ7JnfyCK34MLn50ll_I4SiizBblFVvWhhZLjfc9QZNkxP9-jZ-Rn2T9RSG_F0OGyUPoHkrWv-tuXU-nakRV36LOOcWscdZYc5hr5KMU6GY9qyqnU7SmmnpgFvPs8JoOEBCHiuvKvso2ioonwC2cPZ_hHwB3Vzya4WLWZHXNgBDZTiyIx2EiEJs9D5djdu7fktaYDNwqOXtUwSsHBlk8QpOiGLQzeT0408rU_Rd1TXDx3Qr7J6okF3Mt4b7B22XgC5HcHIwSc8G1rkn7g0P3YN-VEet4McQEWYqSmPvXG6A8-fUrgGcBBzBo9hKTKnC4O5f5BcV_TFpvYfla14IR4Jf7PQ_n9rqKGfhwJOe7FdSPZtEqIDBOG8f_W6svoDH4cQWxsDfd3njQNzhh6_g_Jc4Q4wvK1qlxwMDSdy8t_YdO8cwgUVGfUfqEJKk3feIupx0Ef54ZVMBYcbq3AZlRIrT-fWyxqRz_gAqINN72Q4iyhmZEmLOXiMdKs2KfCSwGHWcJ-8RszWZ5oAuEp_J4_yjAJpNQeWbp5Q0sXZ2OUzGVK-SA7TIlxrzddpvIyKzfYm9jI08RDnxP4U5iCZZuPtfg0Be4GMNhWkodGJ7D5Jwrn2tGOt3eZkv_7pTvusmTI8LeN3zjGTZtOFVqbYKzijh56a-JcLFh-aQZfgvNjZ6bkGToF_HzaOOPKEkxgGJdEyVe6lBJz4wflqim0VGlo86zfllocjllUOZ3VhC1_fZQgh3AAIjgULaGQGGxN34xzPKvX0EwU28cCiteLcgy8wkaIQzcLgKx71cHC2hoWRmCUU6oTqUJcv-mYfXAgGCzq_jGkzo8Y99lBJj4LUBPQmujfpaSSlkzWq9TGw&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&rfl=1%2Chttps%253A%252F%252Fstud.com.ua%252F%240
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df685fe7d21457a0d689223ab3352eb28c7be8a8c63c768471c4897f9f2903a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37395
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 46E7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLIceknIpaRMKYrF0eYyxnEyCrI3ar_1u2ZPjbIx-UnNVQYc1Ugr5bD4-b78Mc5GRK0q9JGAL_yAB8Be84T17PfjdGHpG7AVWgxqNo5AQWNp5iPTI
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 46E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:13:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 46E7 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
4997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:31:24 GMT
l
www.google.com/ads/measurement/ Frame 46E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzE_DveCOxXXXUxMTu2IqdKT6Ma2EqkQJFGgTkZ4SJbrHJU6Jlxof8TEnT7jqLP62wQFQ8lKNAiKpJZJcijod-BNqo7Q
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 46E7 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 02:54:41 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Dec 2022 02:54:41 GMT
sd
us-u.openx.net/w/1.0/ Frame 6464
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBBfca59XaC20dFGnzXAK4w&google_cver=1
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBBfca59XaC20dFGnzXAK4w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGOG1l9sBMAE&v=APEucNXFWu5ls6_84Ic1nguh-rhfkukqEXcClJXky1Cc3iR2R1LuhXjGZz_uWgGkTti7vEvxzYk1L1ZqDF2jSkv1RH3gnQ_DvwX6PC28uhUZCtVPTMZJAXNkgH_8YmAGbsqVGl3WEQJy2TIJfUBse3ZuxMMcbPEyRs7rUl-VSVWJCgBR7iEb0wc
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBBfca59XaC20dFGnzXAK4w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 6464 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGOG1l9sBMAE&v=APEucNXFWu5ls6_84Ic1nguh-rhfkukqEXcClJXky1Cc3iR2R1LuhXjGZz_uWgGkTti7vEvxzYk1L1ZqDF2jSkv1RH3gnQ_DvwX6PC28uhUZCtVPTMZJAXNkgH_8YmAGbsqVGl3WEQJy2TIJfUBse3ZuxMMcbPEyRs7rUl-VSVWJCgBR7iEb0wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 6464
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEM6HROz8H8-qagos217FW2Q&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEM6HROz8H8-qagos217FW2Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGOG1l9sBMAE&v=APEucNXFWu5ls6_84Ic1nguh-rhfkukqEXcClJXky1Cc3iR2R1LuhXjGZz_uWgGkTti7vEvxzYk1L1ZqDF2jSkv1RH3gnQ_DvwX6PC28uhUZCtVPTMZJAXNkgH_8YmAGbsqVGl3WEQJy2TIJfUBse3ZuxMMcbPEyRs7rUl-VSVWJCgBR7iEb0wc
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Tue, 06 Dec 2022 02:54:41 GMT
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEM6HROz8H8-qagos217FW2Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 6464 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGOG1l9sBMAE&v=APEucNXFWu5ls6_84Ic1nguh-rhfkukqEXcClJXky1Cc3iR2R1LuhXjGZz_uWgGkTti7vEvxzYk1L1ZqDF2jSkv1RH3gnQ_DvwX6PC28uhUZCtVPTMZJAXNkgH_8YmAGbsqVGl3WEQJy2TIJfUBse3ZuxMMcbPEyRs7rUl-VSVWJCgBR7iEb0wc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Tue, 06 Dec 2022 02:54:41 GMT
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1502340552170&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1502340552170&version=m202209210101&ct=77&x=1&cor=8119915948126591000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B2B6 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKDeHZJDHes0X3JBGmET87PGPf1DT1_v7JToiPyq6sD5vDovWmDi6ul7LtmcLEl2K9mwixr7Q8PX0yFPWH4d_xjB-oO9fnZHfYbZ4BNqa5t_8sgjcEUt6A9bvfzmM88_bi0Aq2B3yj8pM5XqaSzeoGP5rlnCuZG3wcKnvBroQhzCT8yVI&cry=1&dbm_d=AKAmf-DkW9ANHHiZXiRm20nVcoYbUggblaKVI_XXtSB1VcNlWd6ikWWvHQYgvo6BMrU0fYSPeOPkHG3iLE6A6WGrNjTDQfDd0h8GgDqIvymLJFiVPllrTSloGMwxbKi0qygzidWXsJl8iJa-nlmnLS0-ftiMxXYEOVfr8tyROxIQVndDz2duQLMrNLDuR7WT33f8VnVs8qbwwtxL9ih90yiIDh5O-0mZxFZJeAqHv4eVbn4qtnVaCpNiKDz1G4T8QwtL_djuIdu-gCU3XXZfoOsPUW9eOrwjIPJoOX8UFh8yKGE1Wif1lfTLBM7SZZ1vHeQhaA74Q9jeVwn-9dGAZvWtJPB-XJyFFj3j7K61iAbxApDxogYTCwfbYRiqhM4FXqUR0QoiNWOVCGl4z6yv-GTQd6Yhj5w-3pUfBOxhWf4aewNvjqGrLjqHj5cEV0UyZ0mtVrZwjPx2cGgthQY-zzAcX-PKnb6Am5Yb_87elVTnRtZ9rVprO4EbtJI2a66iU-yWOoOhhLNvq0GPUaX2tN78Gwj_SvrlApkS4yDRlqRb0t9J1BTpEJ-R-cjyzQBYEoOqWLw0eIEWoXRf0N_QrY04Y4l0BYpDyY-jv12_875fZbCTg6v0lXdHXxHnocIO2qMfdr3sZteYXTeK7j0_wNfvGb0xE4sDUY2CQOhNVUrAt0SpKatIDfO2eqcTETKnK7utIuqRQr9GjgPnDTeT-moF_bJi7Mv8jMSFO2vFLYacn-u35O1dYqYKQuisJtBruUH8OmehRJwRN4rCRUJIErnNzN1eNdyoV2jP0yefeU3shojU5jZwa1dD328KPnFxcQpZg9lDy51h72dvwwMEUeFE4jLrwdPGB4GE6EX8L1Pec7oy3k2Y0Nj_QxJaO_lzRZakCuy-kZi8Mra9k8tF-sr2wEDjJMUhFnAY1r_OynPOKQtpF2xFYgJJM3jwmKnlAAvPJgXhgawF-zuuzBfjlCvfHoAUuJNQQE-tkrubgCsdK8dBSNYibZ4P4DzL_HSNAGOBTTmEoGkYqiSizTtiPmueaY7tEqmDn4IF_0iVJLtgpGwhN3DaPPv2N3GvMHFkVsDr8m4z-lS1oHZLPPW1UiSoz58bpIVK9X0PnpxD9lB8ik9CNeNH4fnrvPrgyAKjjz2OBN2k3tTM8G6RttFM2TMkLikAoCzRvdNJIs9ONBC_631fIzeMHRA3LZqF9Rr3G7QdCnzRQH9t1cq7IovqwtU6CRjOsf5ReISn6g-PFuGr0R0SGIVYwVx4O1U5_K0RaxDfseOhLx-pnvvyvJKn4TWIP-KySE8QorFD9a_xc-CbCGglfhfyZyK-I9nCsOEDXHqpLrsD5f9rsbhQkVWHxZ_C8go4DadRwbT4A5nfVBsy3ZdJ4QcRwV2b9GQIPq12BIdUepg9XmfdG6k7Yb643ywBGK4uRovOuLo32XELCGcLuVhT2YIKbmcGwj4Jh5Z1YWeRdUQ1DXWlqFmAWcVt0eUwr4D9w0BtfUswdejmI1AKyiL1TPvEh_XL1wvgK-zmHXdyw8__rTyrIfg8mUuke2nkHfTO9o9EfOutVLO5cex9cQO2xVfgqxjI-3DeLqTTiiHodoBJNOHDOCyBobTMmtDGqPCjemsBI4qM1T6p2C8yNYTt-FTro2fPQwsSlKNGAp3cPph8b4V9FlnSrCGdVABNF6cUexkX565aZ7PsPplCsAhhNyKR6p7BYBf4sa8128ZDH13KR9sGcu5J9teeA-calTY1kLviY7B80w4qNHqZzVq_bxTm_dEUgAnNvhDucP4rmbmvzFOnnQd6ozbCndv-SQ3ArUR8IJITWfC-qyd8xHX45fY77Ovp2CzlynqVATB1Educ5aFgkdlNDr64pVbFOyCiIvaOmsb3yoY5rGu8e2J7evSKQeFVg5nDhUaacG3sTLVGTsQifypzoUgGQDbDf_8c0fMbjVsIkP45pq7OpFqgHIAAPqSDAV5tBpE55CYEabo_gQJAVmjbg3lOLtp3jGj0cprAA0or8iZc-tOtj9Bq63ZlkeeA_OVRHE7BpBtZoxYyhv4emKu34eYKq4g0EW24xNYGx68zwxIQMlw9-aEua6D2laHexXwYBaCnbOWoNAAOHjmWtcDEllzzN5V1A5ZnjVxWYbiFUKjOqddz5cAMoABtyFrc0BFrvaaAFjObwcM3iYqKLNSguvW7lSScuHSXC7Vt9XyE5kUUC69pBolBpQoov0IzcphRK9OPEHRUjy77NgCDcCYD_gU5ErBfEmCELUJV9xf7iY_jl8YTu_waWZ6_ffP2rtwuZgnLwoCByw2E2b95epE_OQneLaSBefFgdu4_uzmSSlZc9Dr-bhu2rb8452qOOfuEpnLAAtaxUIPJvszq0ok6odXan5k8iZZR_pm0awu4ISzan-oNi21aITvonPvzzFqdHH3u03xZz19p6ovka60Jjepw6fcu9OMkHVl6sG3BX2sH2MOxkhKkQg5_vHP7GXbB2gQ2svXZ1HFRiBultQiLxyU93TRkzYrY5o-OaJJa50OW6Wzf8g2cyjApSs9gYnQ5Hzs9AhkugKcpH7EJZ2GtdAXWH5Vs-7PAoznG7eShVtQUH67wKMgSztwAmtj_19h8hecBBk8MTo1yS2uV9Mkpy7w1ZVr2BFAhhSBvvaiO17kQ_7kSRWHUbHcDgyRSI8MzojQ6kPxfZ_kmErFMQYR83cGj-dWUMVr8FhWCxFfT4AGukFIbTmly0pD1WXursJR4-tTDiuUwPsSA6lgvFIsK4Yq4b0f5H6jmua8UIxrZK7iO5LU3W5ghpfoMreS2fMgy9am_Y5nIHd-OZg9y9yr5605MCFh9gXKtDRHFzU1tnOfPgKzPYbY2QCglHY8Xu5c2XhR8zhiw88fL_ortfR0T9PlbYUTnhLdlukyKnZm8jS9janxpgQjlinUtltJ4hnwCkPEMWkFrSRa_GmmPlGAg_NnmAILfSzbI9nOaGbk6W3IsEXob4R8JSh93Ttnz1SZHkcasDSQCez1BIp5hByVrZT0vccBnQ5SMYTflCHlxsYGKef2ykiObD210J-B2Gg2_sGaBDDgWBwl7gMCeodkHVL6vmwliuAXnZ9pt2Ag1m18JoS5C2Pi7lATf0zvGUm3u6tGnDIFslu3Xh6e4ka8Mkxx_w0VCq_a-F6pLCrMxOLKBnG-i01Jop9bYc_5abBPDuLMkKjHjmBjj3xJKq1WRa_V-eyrcVMR27M69UMbr2aikShBYAXqwGoaHNqlcRW9IvcsQsF9wHTmfCYWLLYuXTy6C-x50k9MGZ6Sf9KAqG3cwSThF0IGXS1CKZFnAnpKDjJjYxgBjd-EVqXe8FiJrLfWJDw3yXcrIg2o2dkFvrZHvDa4XNSOrEvoht1wjkmys5Hk2yay5VTVrVuEFhkww0ZvNk4lS-OVbRRZ0uvwUJ5l307N-TCUZfpnaEcCtRVsTV8HIXSJZuvuSMAGN3Y8lVBnf8QuVwqj5-x0ZMP9k9dpoOAxAhfFXwpD5bpM6ikEl4Sb2Oy0sdsPWG4b2Ku9W0Q8kSGbiOxkgdEsYVcCadFcS3wMPg7dFKV9w96ygb8kvxN3p-6AiflBYH5IR&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fstud.com.ua%2F&ds=l&xdt=1&iif=1&cor=8119915948126591000&adk=1033480531&idt=86&cac=0&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdd198d7b71e5935bd501de8d205de866d0588f88addd373f9d153bd21aeff75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11457
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame BA48
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1&__user_check__=1&sync_id=54b9d5ef-7511-11ed-92ac-1891fad20506
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1&__user_check__=1&sync_id=54b9d5ef-7511-11ed-92ac-1891fad20506
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNXbCZqgTD-XilKu-wqeT7weibLDsRHUbjp7G5NTrCdHBjBdpfTmkaFMnMh5NskuRjmmUaMLaTpXQdkLl6-KiZ0R6E1voBxgCCRziSsD5C0uDUe-6g0l_qDH4XONHPPfhLGdmXpIokU-WDKSc3q2VR6cRnX3Xeh7vSe0NjC-yRRjQo6bZn4
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
127
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1&__user_check__=1&sync_id=54b9d5ef-7511-11ed-92ac-1891fad20506
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
83
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame BA48
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTRiMWE2NzQtNzUxMS0xMWVkLThjN2QtMTRjODE3OTQwNDA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTRiMWE2NzQtNzUxMS0xMWVkLThjN2QtMTRjODE3OTQwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNXbCZqgTD-XilKu-wqeT7weibLDsRHUbjp7G5NTrCdHBjBdpfTmkaFMnMh5NskuRjmmUaMLaTpXQdkLl6-KiZ0R6E1voBxgCCRziSsD5C0uDUe-6g0l_qDH4XONHPPfhLGdmXpIokU-WDKSc3q2VR6cRnX3Xeh7vSe0NjC-yRRjQo6bZn4
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTRiMWE2NzQtNzUxMS0xMWVkLThjN2QtMTRjODE3OTQwNDA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
99
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame BA48
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yX1F2V010RTJ1RWdYazA0dWRsaEpEUHBHR0N2cGFrSn5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yX1F2V010RTJ1RWdYazA0dWRsaEpEUHBHR0N2cGFrSn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNXbCZqgTD-XilKu-wqeT7weibLDsRHUbjp7G5NTrCdHBjBdpfTmkaFMnMh5NskuRjmmUaMLaTpXQdkLl6-KiZ0R6E1voBxgCCRziSsD5C0uDUe-6g0l_qDH4XONHPPfhLGdmXpIokU-WDKSc3q2VR6cRnX3Xeh7vSe0NjC-yRRjQo6bZn4
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yX1F2V010RTJ1RWdYazA0dWRsaEpEUHBHR0N2cGFrSn5B
date
Tue, 06 Dec 2022 02:54:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
partner
sync.search.spotxchange.com/ Frame A8D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1&__user_check__=1&sync_id=54b99dd4-7511-11ed-b311-10b91cd50206
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1&__user_check__=1&sync_id=54b99dd4-7511-11ed-b311-10b91cd50206
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGOG1l9sBMAE&v=APEucNUNnR0whksBulEUZ_tyN1SQjb4ZWq_Ly_spPOeoFBwyb2tBDhrawL7iJecsqYS_qjwqxkFuqIHa_6zRoZCK-YXzZzlVbh-9mSoEe-2UfzC5RLsX_OPQsHRV-wO7TLw4GJWmPbknvzO2gK1-z-RjTcvgy7d1thLCReMjdeGh11J9ySQAIRQ
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
56
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7025&uid=CAESEH1Xw0Fce7Fm_kB4OhaLgVw&google_cver=1&__user_check__=1&sync_id=54b99dd4-7511-11ed-b311-10b91cd50206
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
144
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A8D0
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTRiMWE2NzQtNzUxMS0xMWVkLThjN2QtMTRjODE3OTQwNDA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTRiMWE2NzQtNzUxMS0xMWVkLThjN2QtMTRjODE3OTQwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGOG1l9sBMAE&v=APEucNUNnR0whksBulEUZ_tyN1SQjb4ZWq_Ly_spPOeoFBwyb2tBDhrawL7iJecsqYS_qjwqxkFuqIHa_6zRoZCK-YXzZzlVbh-9mSoEe-2UfzC5RLsX_OPQsHRV-wO7TLw4GJWmPbknvzO2gK1-z-RjTcvgy7d1thLCReMjdeGh11J9ySQAIRQ
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTRiMWE2NzQtNzUxMS0xMWVkLThjN2QtMTRjODE3OTQwNDA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
140
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A8D0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yX1F2V010RTJ1RWdYazA0dWRsaEpEUHBHR0N2cGFrSn5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yX1F2V010RTJ1RWdYazA0dWRsaEpEUHBHR0N2cGFrSn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGOG1l9sBMAE&v=APEucNUNnR0whksBulEUZ_tyN1SQjb4ZWq_Ly_spPOeoFBwyb2tBDhrawL7iJecsqYS_qjwqxkFuqIHa_6zRoZCK-YXzZzlVbh-9mSoEe-2UfzC5RLsX_OPQsHRV-wO7TLw4GJWmPbknvzO2gK1-z-RjTcvgy7d1thLCReMjdeGh11J9ySQAIRQ
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yX1F2V010RTJ1RWdYazA0dWRsaEpEUHBHR0N2cGFrSn5B
date
Tue, 06 Dec 2022 02:54:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dpixel
cms.quantserve.com/ Frame D795 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC94tgexSdE13nREyBojprc&google_cver=1&google_push=ASkJ3FYVeOBfHI-q0zBZDqvoNgz2ozkDibRD1SnSdMtU0kIwzETRczAYRfIYmA_nbeFKd6uhHCdhVmZPkATFRXQ1Ifhk-cB7nN5g
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D795
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FZ5xh0OOtHFWXKJd_weM1mCIUnTosSLMKlhnJs0Kbwi3ZLMbnOuhwjRL4h26CJg4MoUXBrc1njPKE7DtOcruPYGqbtfg63f&google_gid=CAESEMrmoGG4X3B3szWKQxERQMM&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPHdupwGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BU2tKM0ZaNXhoME9PdEhGV1hLSmRfd2VNMW1DSVVuVG9zU0xNS2xobkpzMEtid2kzWkxNYm5PdWh3alJMNGgyNkNKZzRNb1VYQnJjMW5qUEtFN0R0T2...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwc1dYNmtoMDlzOFFENW1OTDQ3cktrWUtsTG1MV1dZMlRVMUFjWl9XSXM4MA==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwc1dYNmtoMDlzOFFENW1OTDQ3cktrWUtsTG1MV1dZMlRVMUFjWl9XSXM4MA==&google_push
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 06 Dec 2022 02:54:41 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwc1dYNmtoMDlzOFFENW1OTDQ3cktrWUtsTG1MV1dZMlRVMUFjWl9XSXM4MA==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame D795
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbvzD56...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbvzD56...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDYwMjU0NDEwMDA3OTI4NzMwMTY4OQ%3D%3D&google_push=ASkJ3FbvzD56teHbMqjIfgAhhLwNxHfKkFJm-QqM4eD_HZeDqABdYC43IREIKKw7QX9D3f...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDYwMjU0NDEwMDA3OTI4NzMwMTY4OQ%3D%3D&google_push=ASkJ3FbvzD56teHbMqjIfgAhhLwNxHfKkFJm-QqM4eD_HZeDqABdYC43IREIKKw7QX9D3fHZOP_0CMIlGljTa0vyJPDAkSsbVBOW
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDYwMjU0NDEwMDA3OTI4NzMwMTY4OQ%3D%3D&google_push=ASkJ3FbvzD56teHbMqjIfgAhhLwNxHfKkFJm-QqM4eD_HZeDqABdYC43IREIKKw7QX9D3fHZOP_0CMIlGljTa0vyJPDAkSsbVBOW
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Tue, 06 Dec 2022 02:54:41 GMT
pixel
cm.g.doubleclick.net/ Frame D795
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaPs0iRUVbT68QXStoZZVQHO2XGhFJdcsW_5QlLQa7AOEIm6Wz_EeN8VUQN8wuY6m-Pa5yX5AQWSdYNuRIXSS3lnCvOJnCo
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaPs0iRUVbT68QXStoZZVQHO2XGhFJdcsW_5QlLQa7AOEIm6Wz_EeN8VUQN8wuY6m-Pa5yX5AQWSdYNuRIXSS3lnCvOJnCo
date
Tue, 06 Dec 2022 02:54:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D795
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsI7_PHO3jsSyiw4uWryZ0&google_cver=1&google_push=ASkJ3Fasr1YiCYjWQrcKYr2MdrPiw2hqaKY-dxxaW4b8WDLPlq_iqENOWSp683LLlKckUhAy652...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OSlgtMTEtOEtWSg==&google_push=ASkJ3Fasr1YiCYjWQrcKYr2MdrPiw2hqaKY-dxxaW4b8WDLPlq_iqENOWSp683LLlKckUhAy652T6m1qAT7Cu03jYudyz3Qt2jVl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OSlgtMTEtOEtWSg==&google_push=ASkJ3Fasr1YiCYjWQrcKYr2MdrPiw2hqaKY-dxxaW4b8WDLPlq_iqENOWSp683LLlKckUhAy652T6m1qAT7Cu03jYudyz3Qt2jVl
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OSlgtMTEtOEtWSg==&google_push=ASkJ3Fasr1YiCYjWQrcKYr2MdrPiw2hqaKY-dxxaW4b8WDLPlq_iqENOWSp683LLlKckUhAy652T6m1qAT7Cu03jYudyz3Qt2jVl
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
trk
ag.innovid.com/ Frame D795 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEG_Pb0TshKK3-gaM1YbOmTo&google_cver=1&google_push=ASkJ3Fa7Hgk3G8KmuwgNktYu4_CfWyoAwwYI1u0XYRLMZvw2UnV15htY_U6HK48Bu0r8wvTf8_SMKSOHZ64TGpVNUFp3LzE8X0w
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
cache-control
no-cache
content-length
43
request-time
0
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame D795 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame D795 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LiTEzmayTUxoaNMBA52kWnAW3UM434cFrA_KJ4Cfh9bn2PidW_-m1Ugv0-JtpVDnyx4hnLSg
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C17 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3184089579429&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C17 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3184089579429&version=m202209210101&ct=76&x=1&cor=17034531157143050000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8C17 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGsCJ6-lXySg3pxJv_ql4crrIbkC-ZxwDTUIbCuOEAT5qT7sbnZtQGCNqm4-3zR7bQmNSrpEt38dJvQoNf5N0aSNLazQ&cry=1&dbm_d=AKAmf-A-HkP72yWsFNwTwRS-lhqkveq55DKiCZueMHe_MZjKwyqTW6NNmgMN3ZFdynhQvg1aQQkoSGJQzzKttLOy6uKlx5g-fgL6kBbJX9HW_XobRm49k1M2Uebw6nrj_gJHCCGWPUfdSZLd5xsTAbvYvYzQdCFFqy6Lga2znikeiDbkR-gb0g2IObwoCbvuS4Ss04KjyKhfZnqwBCHJLI2LHj5EODce58HPPqniWo6b7aqncLec-3hsxYztoBCDpjKvgLdX9ux5jVcMj5CcgO_2hEM-xJYDvCjPe61eBUAQsUaYf1s1ZtmSMPw0yktOUp6LkowW1QLMif4bciDYKLpxC1tR1deg6WSjgG9JDlmnG6rZeI6gKCz7CyEsuWjYvXrmE4-FD-1Og0VhI09j0fC9XWS_SkO025wxZKMYcyyWuG_Kp9j2z4Yss8WECbNBd9_1JCl_Z8xIJQxedcYY4JXd7yEJOBjU1rlSjja0uOpApTjyQYd8t9VctiCKU39dmF_2oxeQbhjM4bQ7TYH4n08PShVkWnjbOTpF7HzD9HiqPjGMldo_MWeWBpYKNvn3WQlLO-7La8kF1nJTQUNvznaS6rl2ieVkkGxH8XR3IlQrvCFtjYSC3Bc_Db_ixplhicMn3FOd5OJ6NIILnH6vCSkWT2sek8IbxIwcIJlfQ1JRe32dw3kPvx0kxs2u_PSt8AwbLE-TI8BM2oPtz1BtVojiRNQkhqWMyItf8PgxoLFsRMOTJTomkk1_PF2NON7E9x9FXKOGgPqcP5wCTv1HJ85QCMjUeV8qYC7G62avUIWufLh9K9vyQDVS4T_pp4ws3GtXHhfFOMSQiDK6G-wTMU4kd17g6fij8GCdu1wNEvdEtwv86Qqjag1o_zkRA_dTa8-03wnl4WlgihzE9h2d7MfafNwsFvBkoJuIUWTdCSNXrQ3-QmUJpjj86RS_kfZ3E8HbD-3YyeopI3kqwExikoohq-m8Xf5uNQwSyblAkGX001DkkzsBuTnIpNE49aPGvBbz96Pmf2ziyTDIK-XONvsV9ylMeVsMIufZF_nSQY5X-gCvWEP_tEJRE3NPMuhMXOdnaxDeDfzPlAsocPXlgO8wbDScswxwyiU1rMSif-wSFj1Sz1yn1fkU7NaT01XMUrNPLEQI_reCHjmsQcolze1PhgBpQxz-zj4gTrcJkA_kGRAZYwZvHEN9aKYGjaVTuwSKic9d1irAN4VIpV4hwtb9iHD1wq-fqoWq-xrG9QXE8BF-f9oT-0Eix8f4RRw7q3Ss9bjORr3NcmcauDNwGvjs_AVtIf10FIKkOPe9FaShWVh-gdcqnQcIfiYDVOaIH7cloJiZ6BDop89HZiM_n-zk687mcPexEfYCn1KwvEo8dAFq4CWPtjuFk5aRztUuy-mhfgFVtLbJ_Mg4HMYeYGuzVsqtSAHFMR7fC_f7OmPEwr6gmEyHWsubMdsk1j9f5Vn5e6k0D5pJL0y5GsKB03h4XlOewvqDbh2CZ3OQcEC2i6iYXuUQMp9MN9Ao1zXrnrBX8-Wlpek4zvqmbiX0QY6Xp-VZDiBAk2OC67NRAGWW-JtKGgAkLa9uLMD9yP09DWRJHUsTLMINGN0zQKigVKJFAM6jaJeLy7GkkvAjvu2xkLOPWzmeR76opCLpR_AU8bq5REx2w7C6AcNflmeWGkXdCgnrczolaycCS7VxWCMRWnVGn3lJvThtDxnayGlV-n0EZtzjTX6yW3p9trUwUOL4bQox165aFzI_yQtClp1taDIfuK2Yq9fhoqVAYIdp2qLLHrla2Q1dn1GaJRMAqsz4w0xPAKxnx8EQ0Khq4qw4qIo11FKQNP2pcTCYsvmm_ea7o6ZrCJaWvEtXbb7AfR0C3b5OW_ta7QILHKgrug8eCwk9otOE2Z8xPe-7ygh7Juaw0WEMEWzoJ-h_UMGdX5WikbJuQM0V9aSgY-opf3gYe30l4UjqyUjAEaNpGkFk14haRsuvYfc-pJEevmguQ4TEsW51qfVRszyu3mziRvoZ08zKCJ0JOX7nuJWsYMnoVdt8jFHH4_dAXO7gKmnKaWDyWSdiG7yKNfe1uJrIB0WzDDizx4nZafKDprdpDHcnbg1cU6x-F-vqv8K9zqMqwhoe0kW4FRRYKLxou-rSdqTulMWDHuN0Q3DPXB_hq6MoKO8_-GPE6un-OzMhPImbT8Yh7QktTqFw9ZbrUiTxCjImLjxq8lRAMaY1CKwqdhThY93ibnM2keZRt8iouZYof2p83qCy05naV5zY-K9Oky-56p1C-qB1ylswEtcBEeBdH7XfVW5Qo9jmlu10D-M3RFYgpTGI54q72zKVNzdWrjbiTc6q5yBd9nzrxS8LXKjSjmF4pMH9miHCSFT6eJj6vTpKK1hoxsvuR4VL1WgsMRIInNy3KNP74OpfrnAtQjaay_-b3kPdSny_Mzi3pOcYxhcj_Vmk9vUTTgbnlVfjoL-TM-6xqgCFzrb4NfU4ud_dEbtmMWimd27wUXF4EXCHJDhkE2xHeYgEsJzAWjIAbzoq2D6RtzNDD24W5qekOKkImInJ0n-w5vgH7axUMhrpPDSa6Y-uaN__eOK-p7fWF5XNE7LlpUyK_PYNfjONk85Yn2bDhYtla2NK0GF4TzX1MhdosGon9-iGJuuKyCBr4DJD45MZSGp4U7ItmzqodibPTQy-t4oL3voy69DjoeN47h3Ov7jfkHMzW1ZfD5m1WThF-T2KCB4p_Hh1xH9OlLzx_mRaEdiO-GrNEyYWaCsCZQ6YsrEwpSpbVpD2A2jVfcx6jRzUvNeM9XnpKB1IgNLqWksXv-2E3Py5gohB1TFHG1egSbXP3-SzcGt-ShlyG3rforOupQoWWZzIVABmcAN81WqDCqoZVklSGOQFnwNaIP95-7XAIVqnoBv2LDZ0M6NJeTz_f2-8we7XHRASpVnoQKCZQfOtSeGIkxoO7odrZCk3HlKK9haZLE-kIcOc4vIbERcdOHpCMSgmxMz4ttEWRD2fTDyMMrFQC_ixflwFVUyeoEbRbAA0WPTCFSun5Ziod53oQV8P90YqV_Jw_JfN6fhiaiSTVnaCwTpgB13ROxQP8oxrAA7zr9giJWdEhKp8oRpTu1BzRgVnVB_-nYy8G7MCNG4oech8spJedN5tCijxJ0UnlGIVlki_8RsG8T7PYjVn1nanfoVxX7ZOyzfDZ03gS8i5UhwQ&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fstud.com.ua%2F&ds=l&xdt=1&iif=1&cor=17034531157143050000&adk=4188270525&idt=103&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67ff595af04d1364dbc889b858994062e61b0acaf277a12e823d76c0a5964603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34611
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 3E2D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIwR2_XETmmekYmxbyJXeLQ&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIwR2_XETmmekYmxbyJXeLQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOuOtqEDGMzZ5tQBMAE&v=APEucNU_LjVcPUYbTmSgR9MOJ9KRSUjBKhqPR6bp2Mece9yp1wNnpteXctei1I81xii0blFqqOFLmrEvKAAxu24YfnZY7TsN69Vaza2kDFd8U-PpIeBXrsg6hNWnGEFxxYEBK7ir2Nd7-fWADYT1fubEpGWfg9ap1CVW2XQy16pNwNHdrJ7SH84
Protocol
HTTP/1.1
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:40 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIwR2_XETmmekYmxbyJXeLQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 3E2D 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOuOtqEDGMzZ5tQBMAE&v=APEucNU_LjVcPUYbTmSgR9MOJ9KRSUjBKhqPR6bp2Mece9yp1wNnpteXctei1I81xii0blFqqOFLmrEvKAAxu24YfnZY7TsN69Vaza2kDFd8U-PpIeBXrsg6hNWnGEFxxYEBK7ir2Nd7-fWADYT1fubEpGWfg9ap1CVW2XQy16pNwNHdrJ7SH84
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
transfer-encoding
chunked
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2BC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4777448458997&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2BC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4777448458997&version=m202209210101&ct=77&x=1&cor=13838816206504473000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A2BC 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpRSvLPbqkbqJvEDSQ6PT1-k_Yr6nPfymQot0xdFplt8Gzu5zb9ADpXfNQWiPy9XXobFqVX8ueJkJSSpyIpdWLpnd0CW1pJcpXERUM-9ZUnfy3X52dz1pCjLxc8Vqq_t_w8S1nm0Ek9tCMUXnhGfqlGRwNRB3hg2pBb14cWEeevr6UmBo&cry=1&dbm_d=AKAmf-DKqFl7Dy7RTM2NyizSAHhrfzT24H0d6vk-a77YqmW3VbcoH2jFvj1OIUSAxXDwTPOdaoK86lAm-NYSzJdNVV4bntmEQjr-bR1n-foI_0uvZBfj4Z514eKumJ8DdtJWg3b8PgcIOi4ciutdYA4pW3MyNVrdHRtRDwIwMjj6-UeDuDM60SxIzPtqXbu1beFwGPTlaPXWbzlROCVW7FiqnBkQQx6ns85n9FM2rHrWDc-8oLJ_8Ql2EEvcPI82h1y6_X8jqgopy7am9QoffxMjsJIhrFOovFareVDGdTAxqDf2vPeVNW4ncG-l_yroYiWa3Lwy3swjBh3QPM1YMBkaFeh6Ai6DIOPqdPFbB7SsWhH-Xpnpgc05E2Nd46arxEePKoFIe1VxnRAL_qYJujsR6sSXWNP33NXff8Nu3fHvV5ET6uEMb_6zBDhwsY3WzFOsa9Nb2yWUFZs8EF0Zi6mC99_i76kAlhOIHbuTfP6VejQJ9xaI91cJkq9br3GYM5qNLefdppv5kS6QbWvYhCbCPXlh4BDqy27DWbXAIHAwAxnq6-MJWSU82a41weEWbSYpMW-B39Z5J6JeqyoV9EAa1uh2Ljg8kV22uuNZrOzTyq2dzpj63fVW6QwS11Jl7Aww4_CcASl7ah8v906TVzCXAWlhtDhaW2zRoJmCauDGILjP6oFkZi4V0FwRAdOPERiL5ZdMY-w0W65WmWd5ZFno4hBb7KEGEoNs02kwJrca5W2TbQfnbL7_-ZaBKyRWMjW5LUY-0xPJCfFkznEDH2uWpy6Asfizsb5Ob7GSrZ5JGhLjxRBEZ7miYGKen0bYKG7pjTWBcy4u5_0xoaW7d2VGhal-knGdeGwyYRI2I-dUJNEimzShguesDwQusZkdAU89yADopYxmqVHiuvi-3Ad7NAOodRE5pr5p47UT4VzTmnYaN6eErAL6e2pDgEuHdZnyNCD9mlbiPfCiolsULSr1q9KPJJJUfTPNbz3srHMgMF4aWC9sKSvbkVvWs9dHEy3789TPpyad8XBj7SI4EkWsymoXnnPK4THVrfdnyIzL2mc7IhwflHQmdJiz9X7TLU63_YR15iBMiaQ99FiD4EhqA1Lk9h1yNQvuTtUlmOhhf1XOjd7Pgp2oYDR26v2GuPyRJi8RA7YBJlzBBwgseZ1-UfHG2Nwp8F9UGPGnnoUo4fjZWCHUrzs4dnXsUN0iuQGq6KuQQYzi72_Kqg56-YPIL-mdIMK7EpVhm1-95AL-LV-6tryEMuZoSao6AqZA9Xpgi3eLe7dbWqRMRZ5B_M0bAIW8dV1SfgXdHOP3MYtuZ9i1TRaiUhWcPfp5GsJGeWieIYqagW_ZbznU7Sv2O-SmmiGHbWXh0Te2X08Pu77rz-Scr0qdlREC5T8kSykneeab-Gkuimzp5qUd0Pyp8aoeAjqO83TNOdrOpce0heNPt7dKJRq7Q1fArNFlGIsJh0Ibk9Ols4lUZD4tHD87Hb0SmbWrA9XOty4rMP6yC-Q3L0xn6AbErywWpLSWJk2qVebOpfI-YFYi25ccylPpCMu88x80c_rWXSjCVjE4q9EbhugvJsJt05Av9yCNaMn-olGeuIBoYYNdc7byHvfXVpCTmfOQ_PKAhDwfWAWAaxZYnB0XdxB8JnmQz0tHc67LeVPKy8AnXLfUqJoRwN_0Ab2v7NNI-SmniZ2BAq5X-x2YF2WaY3xEOigprIFETVkcoT1e1VvNegnkHz_BUP5exWlwO-2AaAn6e9_9U78ISBibRIm9HPVTTLTVIOk5lmqyAN__6UMOdYGX4EYYa3DaEkJ66IHXpcnXdMp0xWi8d_WNbPvC0iy4jNihm4iOxqHlnDaYohh3C3TmqN0oIA9syoFxwO7tPQhTvgPFrYhZeL2CjmfIPpWAmh24PvDWH44g9koA-O_NvU9swwnbsn_h1mAYz5ishIm67fBO3VovdOAQbIWHO1FpOOayj6Fyxd8pfAB0NTCvR9p5OMQndqiCUXUweaS1mep9MP8bNvsKF0mJFkwdow2EN6JYRGOHKCnopQ-9XTAfsQ3gc8cj5JnjIFta-CsUf3nX3jfYZQLq9P_2o6opsA_5ISjKP6Qrr_e3eOB3ffoIYDi5eJzJhNu0ws9O2fe3udik0HAN8HEV40U2lLJrDAD6Uot5TsK8epecYdASe6vP21WCepC0x8R9-0E-iyBBC1QDVKuZR6M3Xi3dLmUbQyNAEam9GK5wnM-ArTuZhSO-XoH0Aer7XR5cE4x3owRGkTWFK1WxFBJB4TChKpb-gcYqFzbAb_8ezdt-Ih0IK5cCD7wYIWTn_B6z3bpOwiCbVVthkg77M6HptufICxL8lp_qni3H8IVVSwCkvZFAtxC2FiLTI9xZehVSt2Xgimss5X8K1yvxyovMN90pF3_K8KahL1cyPUzwPtyLOypaVTIweEKihfPCw089Lu3OD07C4U5V6gS1U3vGEVueRMLfaWZ2mHZpO3HTIJr-3AIwWCh-Zk1S9QHIKdx7PqSDVnkpihfSbTj0Jfv1NbdumK6murJjn0P_bfJSxr_1HAPYCOWrl4wjQhfvju24hA6LVae8KEklzhLxGtv4nf7icO-mhKSzF8hem3mXGj_WZLqhYaerJeTfrQu5tIwFwMG_HsO9mm6IpB05tsyQJ3k6-cQ3zHrPLiWVdB4CBmHmbVgJh2D_Bp2QUf6Yc4gqDVBa_ZuT0HwMQP1uy6KxlEkLig3WUddxssAlXWp4wcfWHI4g9AV8F-QqYqkvvKIS6WiF47UkoMXqUec1ydg2OK_8vvf3HjynAGLz_OzL-tKOTohVVJgg7jq21r5VLHjhM4UMR3Mv0mRawCJyGYg3-5nQn9dc6bDc03NXsC-RJvpSx1D3Lt0bw9NLUOeXkb1vXDLUpLZxRuW76LNChtdIh7NqDfp2bcySjrTVD91x1u58v0bDiL8IKpPcMNBdkrRSTU7w16ImGTPnwxt6s8Z-pl5q2Clf1bQ7x7Qvhj1Zxm4NpbQFyrn2nlovylQsFLZDmucorZfGDN2gfiE7fLjFkkKPFNQi3EbFFNcL8Ggiq3cFm959he6NXg7KIqMnqiFjx-zSBcnUPrL04iEFJFzBCUEjIOronL-nEi4r_m52MCC0hasQKylgQ8M9iOfqQJu2q6YCSy0hLwS4Zj3uLtIPWFoxH4HYczPDzarXwHjph7ro7rMtLMw3BUOWe513ds1RgW1wwQemDm8_ocpcZgxUI3IoPVuVttsZK0lI9PgizCHNE1-n7HwLfLVbp0WNUhtPOYC4aNUNNrGsMpVuykWga-lETIL6SPaBvYLgbCbqgEY6oRQSfN_XV8-I7USxR9ovhrxrS8RW2dOQQe2jnEpDsjZC3gdAcqlOQvrwo5paysdt0HpF4yOhIyJQos7GRhlX9rplFawNzz2KSmBtuE2e2FL32CBv9j76KrNCsSDA35ELbK04b0T2KXUYRUeiGWwj6PGbj8LVSXehSKcPYZwas4hxhxCai9eGIW0jfEl4DV0M9tGU1SGyWY6zy_Ywad45bm71TkHiY67ycIoUiZLljC9HG4qxIC5TLItLOq4R_Lqx3Jrd9anxXnAK&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fstud.com.ua%2F&ds=l&xdt=1&iif=1&cor=13838816206504473000&adk=3690638929&idt=109&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc5a64108df764a984d50b3e3762749bf1807c5aee932a890d99547bfeee77de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8629 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts/load-gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
368efa57daae391de6f253828bf520217a86aa9f2e50d79a28e259fa746b769b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
server
sffe
etag
"1413 / 683 of 1000 / last-modified: 1670286137"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Dec 2022 02:54:41 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1196176/66167959/ Frame 46E7 		238 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1196176/66167959/skeleton.js?ias_dspID=3&ias_campId=1009160256&ias_pubId=pub-5656744916850703&ias_chanId=1&ias_placementId=18467292430&bidurl=https://stud.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g2-lmYx6MPRNjX0qx6EC76
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.30.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-30-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ec2fa925f14970a86e5fad6e49da81dc962052bf142175a111475bd7f6f032ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 46E7 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Origin
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 10:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Dec 2022 10:10:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame 46E7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5TffcG0ZiTnUeDvTTvghjCvezFILygqCI0ZspCjG5egQuXqBub7YRSZfDlc2g0qiofOBBmN_DvNhYlSmKGrXjiW2xGJblNUbmEqJxBNrNDN7_2eptkJyKkZiZM0buFT5or3l6_I9ytSUI4aZC0GjG47x4i8p36rqH8pgMH-hVRQrSFgg&dbm_d=AKAmf-CIuEltSKM7I2MNmFZbdHmzHzmNIpgu3Ed7pyHZ_FQhgNaS0UJrSbA2GtKHct96RviwPZrZRxCDCHZVF2tXmfLNTpEjZFibNLYF4UCy_Um6mNkLbv1zs-g-GEZ4tpe7-hcNWaa_ly0zRsNfoy-89lQbSW0doGfUcP00P1UWotPLbIJdqI5It_YWgHH4_8WPDb1pylmsjXopGJjvFAfAGTdBB99gjOmAEUR02rN12CH07y7iTzzdGanznB6ZrzyhpN-RQ5Kt_HqFnx-DbLWuDgvCjnOzsDI_LUN7PVKCHhqkID_CSe3ylsUowy3E2oj-3b-8NyJsU1dYbzEOOIIL2DpxlM82kVj2s-wzBJZ_Pn4rYx4F5ZF4yBCSGxW7hL9HFZUdKsolOF7dG32Cp1ev5lclxfPhC84fbnoCErtjSIdYdhm_A9U6TOfiS8Gdwb5VPb24Um3Ho669JUYIOiPqRYO33bAi8tV7CN0KJXgn84dyhQJSnmqiNDICJ-tz9yl_lKSS7Pw_jGG3svNAa4Cu1cgptrcOwXxUbFyIqPM8-8Pc1y2U19UNrZChZYlt9E8hPpf5H9euSMDSpBungZGENLR_sTVIR8hScYWi1QGeeGgCigwNNHgk5RbmMtHQMNCVsJpS5y63SqD8BBf5ShVzwECwDUiOVg3Vxw3LODZpKGMob0C6PP3erlya0jU1Tj3s_7bZqI4fvSQhKzt3xsnzOjOst-BWkO2h5GVCNjSm6bPKJ94m3sua3vMfPy8v8iH16FaKrTBLyHiD29IalUA_CFv8QlEnGf1SMvOd4iTxYgt6v3Z0Qfgd_nS0IVQiRnFE17I8KnYDeNz6lPHNkNwewi2QbAmoDO41SjUmED5zkPJU8Tx_WKwrIVpKfoKjV1Pw7SWwXwT5OSUvzDZTmgpo8UyQ-yFNH_McrGsytrvjiBE7yd0pT9Ode8GhxTiMGLgliojtMwTAFUWBqQInkXTAwl2hiFO6rI-L-bnIAbODcUVHv1DQZ7hAPHj3mM07dFnwrvKAwei3V8EAKISwuwTX2XSrycPTfkTkqFPovd2MbC8Zum7-XwrFXncSlCND6EpO6EZRSgd7q4SZZh9rdBRwSzfEI7V4Xmb0Uh4Go0h8pj1TLkBXj0yuptq_ZDLKkp8M9aHfVuMgwvLDCBpOOU74sPFKS9_V2ekI25C8TbUA2I9mA6tBaZ4kPPDNiz0fEomqcL-UQErDCVm16pqvLD4NxGDWfix9qqeJGgIRxDxwN4wLsjRnMj4VRcXkbqMgH8jYhsi5sFJhL5ABR24ZZfnzYHPJa9z4-N6g6wrs-IVaR2_bbOTrUu3EULPbUQyZPV9b55mUdrmvQ9TkgkVVlAfNcWbjgiTWHYq4ynF6cssNBpcXFjkho-p1K1FPHyebZwF6astLJcmOUt_Pyqd_mTJOExBUpsZCkNUkIWp6VdLWKbZ4cgCK01vM-yaboflEWp8SXe_XcBEOSL9-iwK2jtstvlc_b5ymxO8hm877ge7pYxorOOnEiTEgENbpTEHndOQow7ROJQs2Zw2lgocnfCBTe_-o_qUi5sM7yBALW9vLltB0L_dFSthrt7JKk03BDHphp-jLYvYWO6aVGyAdDvEhqOZA5XSrHv85S0z5YNuuyGDASI1-xCnFnqJyIjrQ1wd9PpOwbR4Ij7sh2WrcAUeOQ1ZpIZtaTICuBSggjQwowuVWYUOs3pJvHi8GehORMsoBDhhVUUGL_ZXgrm55hFvI-_71_C95RLl1lZw7ducqiqKG38wmMAblR6AO8agrrtzkuDvzTQe349YRHl10J9D0QzR0VK-q9tPe7CxcbIEFum49xEOTNj2DXk2Nz7oyMWn0GUj0CK1tDh7RgQZ9gUft_XgRoZYp3cTPX5v9Q1zd1wjWmQhDPUcCZb2rwzPZWZbVNph6bblCd_ON3HoXHoWtUg1Uj_haJAgy6y016J0qz6n-oFfyrYpPwK7SOLDZ2eFP1ZEnu19mqpkZ1XVD1wo8uMHVoYoub4JbOByJ2VFYlgL6viTlu8S9p1Dik5PFXZw5P29VvczYy0DYdFuzu2xpnzsgA7Aw5wObxIBzfunuWiirWjCVcUygq9dnIEyn10shZtxeRKJhqlI0cKSFDTqCQIDsExncQ4DjKVbevlYcPh6lgPgcbzz4gsr0oLZfJngNVHaBvuqYgwKBwkZXxUttHGbNVjdk98AlqvwCj2CuDfv0-5ZpJNax-ZrkQL5llT1xA3OfVV2Gs2T5yXAVI9g2jxtV-FBdFNNLX95eoJ2XSI1kDNkNSUzOVAmfh54mUjZ4Y5wbB_zQcbTjR8aiSw-3H6jg6K5yR-ozlYdYSbXmVGVKpbDEwuLjtVEcdf1s9yYAMHdZnp-cn-z_lhJ6xsd-AGzP8WT4MmRxobN1-R891BsUKV9dna5wvDmNuQVzkOq5O5Ag4i151P45VzK4b7gSXq1o4ib7CGTv-19-0Gy1szFwqGnxrgzUXdAgFJ7JnfyCK34MLn50ll_I4SiizBblFVvWhhZLjfc9QZNkxP9-jZ-Rn2T9RSG_F0OGyUPoHkrWv-tuXU-nakRV36LOOcWscdZYc5hr5KMU6GY9qyqnU7SmmnpgFvPs8JoOEBCHiuvKvso2ioonwC2cPZ_hHwB3Vzya4WLWZHXNgBDZTiyIx2EiEJs9D5djdu7fktaYDNwqOXtUwSsHBlk8QpOiGLQzeT0408rU_Rd1TXDx3Qr7J6okF3Mt4b7B22XgC5HcHIwSc8G1rkn7g0P3YN-VEet4McQEWYqSmPvXG6A8-fUrgGcBBzBo9hKTKnC4O5f5BcV_TFpvYfla14IR4Jf7PQ_n9rqKGfhwJOe7FdSPZtEqIDBOG8f_W6svoDH4cQWxsDfd3njQNzhh6_g_Jc4Q4wvK1qlxwMDSdy8t_YdO8cwgUVGfUfqEJKk3feIupx0Ef54ZVMBYcbq3AZlRIrT-fWyxqRz_gAqINN72Q4iyhmZEmLOXiMdKs2KfCSwGHWcJ-8RszWZ5oAuEp_J4_yjAJpNQeWbp5Q0sXZ2OUzGVK-SA7TIlxrzddpvIyKzfYm9jI08RDnxP4U5iCZZuPtfg0Be4GMNhWkodGJ7D5Jwrn2tGOt3eZkv_7pTvusmTI8LeN3zjGTZtOFVqbYKzijh56a-JcLFh-aQZfgvNjZ6bkGToF_HzaOOPKEkxgGJdEyVe6lBJz4wflqim0VGlo86zfllocjllUOZ3VhC1_fZQgh3AAIjgULaGQGGxN34xzPKvX0EwU28cCiteLcgy8wkaIQzcLgKx71cHC2hoWRmCUU6oTqUJcv-mYfXAgGCzq_jGkzo8Y99lBJj4LUBPQmujfpaSSlkzWq9TGw&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&rfl=1%2Chttps%253A%252F%252Fstud.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 00:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
8091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 00:39:50 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 46E7 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5TffcG0ZiTnUeDvTTvghjCvezFILygqCI0ZspCjG5egQuXqBub7YRSZfDlc2g0qiofOBBmN_DvNhYlSmKGrXjiW2xGJblNUbmEqJxBNrNDN7_2eptkJyKkZiZM0buFT5or3l6_I9ytSUI4aZC0GjG47x4i8p36rqH8pgMH-hVRQrSFgg&dbm_d=AKAmf-CIuEltSKM7I2MNmFZbdHmzHzmNIpgu3Ed7pyHZ_FQhgNaS0UJrSbA2GtKHct96RviwPZrZRxCDCHZVF2tXmfLNTpEjZFibNLYF4UCy_Um6mNkLbv1zs-g-GEZ4tpe7-hcNWaa_ly0zRsNfoy-89lQbSW0doGfUcP00P1UWotPLbIJdqI5It_YWgHH4_8WPDb1pylmsjXopGJjvFAfAGTdBB99gjOmAEUR02rN12CH07y7iTzzdGanznB6ZrzyhpN-RQ5Kt_HqFnx-DbLWuDgvCjnOzsDI_LUN7PVKCHhqkID_CSe3ylsUowy3E2oj-3b-8NyJsU1dYbzEOOIIL2DpxlM82kVj2s-wzBJZ_Pn4rYx4F5ZF4yBCSGxW7hL9HFZUdKsolOF7dG32Cp1ev5lclxfPhC84fbnoCErtjSIdYdhm_A9U6TOfiS8Gdwb5VPb24Um3Ho669JUYIOiPqRYO33bAi8tV7CN0KJXgn84dyhQJSnmqiNDICJ-tz9yl_lKSS7Pw_jGG3svNAa4Cu1cgptrcOwXxUbFyIqPM8-8Pc1y2U19UNrZChZYlt9E8hPpf5H9euSMDSpBungZGENLR_sTVIR8hScYWi1QGeeGgCigwNNHgk5RbmMtHQMNCVsJpS5y63SqD8BBf5ShVzwECwDUiOVg3Vxw3LODZpKGMob0C6PP3erlya0jU1Tj3s_7bZqI4fvSQhKzt3xsnzOjOst-BWkO2h5GVCNjSm6bPKJ94m3sua3vMfPy8v8iH16FaKrTBLyHiD29IalUA_CFv8QlEnGf1SMvOd4iTxYgt6v3Z0Qfgd_nS0IVQiRnFE17I8KnYDeNz6lPHNkNwewi2QbAmoDO41SjUmED5zkPJU8Tx_WKwrIVpKfoKjV1Pw7SWwXwT5OSUvzDZTmgpo8UyQ-yFNH_McrGsytrvjiBE7yd0pT9Ode8GhxTiMGLgliojtMwTAFUWBqQInkXTAwl2hiFO6rI-L-bnIAbODcUVHv1DQZ7hAPHj3mM07dFnwrvKAwei3V8EAKISwuwTX2XSrycPTfkTkqFPovd2MbC8Zum7-XwrFXncSlCND6EpO6EZRSgd7q4SZZh9rdBRwSzfEI7V4Xmb0Uh4Go0h8pj1TLkBXj0yuptq_ZDLKkp8M9aHfVuMgwvLDCBpOOU74sPFKS9_V2ekI25C8TbUA2I9mA6tBaZ4kPPDNiz0fEomqcL-UQErDCVm16pqvLD4NxGDWfix9qqeJGgIRxDxwN4wLsjRnMj4VRcXkbqMgH8jYhsi5sFJhL5ABR24ZZfnzYHPJa9z4-N6g6wrs-IVaR2_bbOTrUu3EULPbUQyZPV9b55mUdrmvQ9TkgkVVlAfNcWbjgiTWHYq4ynF6cssNBpcXFjkho-p1K1FPHyebZwF6astLJcmOUt_Pyqd_mTJOExBUpsZCkNUkIWp6VdLWKbZ4cgCK01vM-yaboflEWp8SXe_XcBEOSL9-iwK2jtstvlc_b5ymxO8hm877ge7pYxorOOnEiTEgENbpTEHndOQow7ROJQs2Zw2lgocnfCBTe_-o_qUi5sM7yBALW9vLltB0L_dFSthrt7JKk03BDHphp-jLYvYWO6aVGyAdDvEhqOZA5XSrHv85S0z5YNuuyGDASI1-xCnFnqJyIjrQ1wd9PpOwbR4Ij7sh2WrcAUeOQ1ZpIZtaTICuBSggjQwowuVWYUOs3pJvHi8GehORMsoBDhhVUUGL_ZXgrm55hFvI-_71_C95RLl1lZw7ducqiqKG38wmMAblR6AO8agrrtzkuDvzTQe349YRHl10J9D0QzR0VK-q9tPe7CxcbIEFum49xEOTNj2DXk2Nz7oyMWn0GUj0CK1tDh7RgQZ9gUft_XgRoZYp3cTPX5v9Q1zd1wjWmQhDPUcCZb2rwzPZWZbVNph6bblCd_ON3HoXHoWtUg1Uj_haJAgy6y016J0qz6n-oFfyrYpPwK7SOLDZ2eFP1ZEnu19mqpkZ1XVD1wo8uMHVoYoub4JbOByJ2VFYlgL6viTlu8S9p1Dik5PFXZw5P29VvczYy0DYdFuzu2xpnzsgA7Aw5wObxIBzfunuWiirWjCVcUygq9dnIEyn10shZtxeRKJhqlI0cKSFDTqCQIDsExncQ4DjKVbevlYcPh6lgPgcbzz4gsr0oLZfJngNVHaBvuqYgwKBwkZXxUttHGbNVjdk98AlqvwCj2CuDfv0-5ZpJNax-ZrkQL5llT1xA3OfVV2Gs2T5yXAVI9g2jxtV-FBdFNNLX95eoJ2XSI1kDNkNSUzOVAmfh54mUjZ4Y5wbB_zQcbTjR8aiSw-3H6jg6K5yR-ozlYdYSbXmVGVKpbDEwuLjtVEcdf1s9yYAMHdZnp-cn-z_lhJ6xsd-AGzP8WT4MmRxobN1-R891BsUKV9dna5wvDmNuQVzkOq5O5Ag4i151P45VzK4b7gSXq1o4ib7CGTv-19-0Gy1szFwqGnxrgzUXdAgFJ7JnfyCK34MLn50ll_I4SiizBblFVvWhhZLjfc9QZNkxP9-jZ-Rn2T9RSG_F0OGyUPoHkrWv-tuXU-nakRV36LOOcWscdZYc5hr5KMU6GY9qyqnU7SmmnpgFvPs8JoOEBCHiuvKvso2ioonwC2cPZ_hHwB3Vzya4WLWZHXNgBDZTiyIx2EiEJs9D5djdu7fktaYDNwqOXtUwSsHBlk8QpOiGLQzeT0408rU_Rd1TXDx3Qr7J6okF3Mt4b7B22XgC5HcHIwSc8G1rkn7g0P3YN-VEet4McQEWYqSmPvXG6A8-fUrgGcBBzBo9hKTKnC4O5f5BcV_TFpvYfla14IR4Jf7PQ_n9rqKGfhwJOe7FdSPZtEqIDBOG8f_W6svoDH4cQWxsDfd3njQNzhh6_g_Jc4Q4wvK1qlxwMDSdy8t_YdO8cwgUVGfUfqEJKk3feIupx0Ef54ZVMBYcbq3AZlRIrT-fWyxqRz_gAqINN72Q4iyhmZEmLOXiMdKs2KfCSwGHWcJ-8RszWZ5oAuEp_J4_yjAJpNQeWbp5Q0sXZ2OUzGVK-SA7TIlxrzddpvIyKzfYm9jI08RDnxP4U5iCZZuPtfg0Be4GMNhWkodGJ7D5Jwrn2tGOt3eZkv_7pTvusmTI8LeN3zjGTZtOFVqbYKzijh56a-JcLFh-aQZfgvNjZ6bkGToF_HzaOOPKEkxgGJdEyVe6lBJz4wflqim0VGlo86zfllocjllUOZ3VhC1_fZQgh3AAIjgULaGQGGxN34xzPKvX0EwU28cCiteLcgy8wkaIQzcLgKx71cHC2hoWRmCUU6oTqUJcv-mYfXAgGCzq_jGkzo8Y99lBJj4LUBPQmujfpaSSlkzWq9TGw&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&rfl=1%2Chttps%253A%252F%252Fstud.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2eaf6ba223aa3e584c45e61f98c53c8369dfb8f74430f92206d728557a29bf16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:09:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
6317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11190
x-xss-protection
0
server
cafe
etag
15869917811587367608
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:09:24 GMT
default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame 278E 		89 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzwwv91wa69x5ycwsmpjf1k80xxq20hz1vf3cv5tgb02yh8wq70h471kwdnec2ms76s9kwm2yyjbx113f4cxwvtmznn5yp1y0v8ffy72kn6f26bshcp1nrgfsavyx8kvs45vsqphmva9nzdahd2d659xfjznfbfd0yj2t4k4rbfsphatd5ydb4vxv0f5ysnpwyd0wezpxbcsafp6qncjbqr8n8x6rcwwdy9gqb44tbptq53ac0pxnbmkgp4xc4przn8cxrkhd6efgn7qz3577b0dj9g0r11fgyb16hbak92xtw182410xgb01bcxpfcznc95h6tz35z6fbnwzv60t24zrme5nb3hp887t1528041cds7ggqp349vt8h24t2aqkftkp7q0byy12w5sfa9ry54k96x0gz73qa31hbd9g8cfybrw8sywptaafgzkjpbrg2n7h6yr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%26client%3Dca-pub-5656744916850703%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hzwwv91wa69x5ycwsmpjf1k80xxq20hz1vf3cv5tgb02yh8wq70h471kwdnec2ms76s9kwm2yyjbx113f4cxwvtmznn5yp1y0v8ffy72kn6f26bshcp1nrgfsavyx8kvs45vsqphmva9nzdahd2d659xfjznfbfd0yj2t4k4rbfsphatd5ydb4vxv0f5ysnpwyd0wezpxbcsafp6qncjbqr8n8x6rcwwdy9gqb44tbptq53ac0pxnbmkgp4xc4przn8cxrkhd6efgn7qz3577b0dj9g0r11fgyb16hbak92xtw182410xgb01bcxpfcznc95h6tz35z6fbnwzv60t24zrme5nb3hp887t1528041cds7ggqp349vt8h24t2aqkftkp7q0byy12w5sfa9ry54k96x0gz73qa31hbd9g8cfybrw8sywptaafgzkjpbrg2n7h6yr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%26client%3Dca-pub-5656744916850703%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1669909960
age
384128
cf-polished
origSize=91628
x-guploader-uploadid
ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 01 Dec 2022 15:53:06 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1669909986917312
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VFRJR65fxxIt4fWYpNAe%2BYe%2B7Q14x7bT7MjMZoUdpYFXQc7O%2Bax7a7ErVFes6v65yIHPNULbxIosuvip%2F%2FoljNzfkXqZRKBz0f4uIojj22lgxF7gNVJeGe2Nb%2BydyNa2AwLcCDyppU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
7751bd049bd87576-LHR
expires
Tue, 06 Dec 2022 03:54:41 GMT
r62eglto.js
ad4m.at/ Frame 278E 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzwwv91wa69x5ycwsmpjf1k80xxq20hz1vf3cv5tgb02yh8wq70h471kwdnec2ms76s9kwm2yyjbx113f4cxwvtmznn5yp1y0v8ffy72kn6f26bshcp1nrgfsavyx8kvs45vsqphmva9nzdahd2d659xfjznfbfd0yj2t4k4rbfsphatd5ydb4vxv0f5ysnpwyd0wezpxbcsafp6qncjbqr8n8x6rcwwdy9gqb44tbptq53ac0pxnbmkgp4xc4przn8cxrkhd6efgn7qz3577b0dj9g0r11fgyb16hbak92xtw182410xgb01bcxpfcznc95h6tz35z6fbnwzv60t24zrme5nb3hp887t1528041cds7ggqp349vt8h24t2aqkftkp7q0byy12w5sfa9ry54k96x0gz73qa31hbd9g8cfybrw8sywptaafgzkjpbrg2n7h6yr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%26client%3Dca-pub-5656744916850703%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
76090
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9blMnfUMyXY%2FCW8Gty75PgVTdAVhhRkBQ%2FhKnN%2BO%2B2VpnQLnViXqEcrFJgfZCV6skJ0uwOJM5hIDRKGhoH3LUH67Z1xyqkLLnumr%2B0Q2GCSMXnfc1ZwS4hl3G7WYL6vXj9NhouE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7751bd04589d23d3-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 29 Nov 2022 06:18:07 GMT
truncated
/ Frame B2A9 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8a1a822a2c8438d8ccc563a8643d41c99813e0f1217f9a54e2e611007f4c671

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 263B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7NW6Rd3ezdzJB_ZsxjDLN5K1GUl8aqjcHqKGecDG7inH2ZMWy2HO9Ho-mOAssXIxftL9CiR7ABdHcDOAZzr0Fy7wb-qR0epdUih5M8HMl4rIVp_sDBgPeMB5g&sai=AMfl-YQbX9GSBbg3dgBEKhwML0hRRan6Jr8OYbWsnzxc-qaIORixY5zu6o6u0sCSFale4M0vKzPP253U-eOy8Vs&sig=Cg0ArKJSzDWJc8E8Z_yHEAE&cid=CAQSGwDq26N9vHjfQynvjAxcf5x0FYfZBMdH7rN5EhgBIBM&id=lidar2&mcvt=1015&p=0,0,90,728&mtos=764,1015,1015,1015,1015&tos=764,251,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670295279643&rpt=685&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B2B6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKDeHZJDHes0X3JBGmET87PGPf1DT1_v7JToiPyq6sD5vDovWmDi6ul7LtmcLEl2K9mwixr7Q8PX0yFPWH4d_xjB-oO9fnZHfYbZ4BNqa5t_8sgjcEUt6A9bvfzmM88_bi0Aq2B3yj8pM5XqaSzeoGP5rlnCuZG3wcKnvBroQhzCT8yVI&cry=1&dbm_d=AKAmf-DkW9ANHHiZXiRm20nVcoYbUggblaKVI_XXtSB1VcNlWd6ikWWvHQYgvo6BMrU0fYSPeOPkHG3iLE6A6WGrNjTDQfDd0h8GgDqIvymLJFiVPllrTSloGMwxbKi0qygzidWXsJl8iJa-nlmnLS0-ftiMxXYEOVfr8tyROxIQVndDz2duQLMrNLDuR7WT33f8VnVs8qbwwtxL9ih90yiIDh5O-0mZxFZJeAqHv4eVbn4qtnVaCpNiKDz1G4T8QwtL_djuIdu-gCU3XXZfoOsPUW9eOrwjIPJoOX8UFh8yKGE1Wif1lfTLBM7SZZ1vHeQhaA74Q9jeVwn-9dGAZvWtJPB-XJyFFj3j7K61iAbxApDxogYTCwfbYRiqhM4FXqUR0QoiNWOVCGl4z6yv-GTQd6Yhj5w-3pUfBOxhWf4aewNvjqGrLjqHj5cEV0UyZ0mtVrZwjPx2cGgthQY-zzAcX-PKnb6Am5Yb_87elVTnRtZ9rVprO4EbtJI2a66iU-yWOoOhhLNvq0GPUaX2tN78Gwj_SvrlApkS4yDRlqRb0t9J1BTpEJ-R-cjyzQBYEoOqWLw0eIEWoXRf0N_QrY04Y4l0BYpDyY-jv12_875fZbCTg6v0lXdHXxHnocIO2qMfdr3sZteYXTeK7j0_wNfvGb0xE4sDUY2CQOhNVUrAt0SpKatIDfO2eqcTETKnK7utIuqRQr9GjgPnDTeT-moF_bJi7Mv8jMSFO2vFLYacn-u35O1dYqYKQuisJtBruUH8OmehRJwRN4rCRUJIErnNzN1eNdyoV2jP0yefeU3shojU5jZwa1dD328KPnFxcQpZg9lDy51h72dvwwMEUeFE4jLrwdPGB4GE6EX8L1Pec7oy3k2Y0Nj_QxJaO_lzRZakCuy-kZi8Mra9k8tF-sr2wEDjJMUhFnAY1r_OynPOKQtpF2xFYgJJM3jwmKnlAAvPJgXhgawF-zuuzBfjlCvfHoAUuJNQQE-tkrubgCsdK8dBSNYibZ4P4DzL_HSNAGOBTTmEoGkYqiSizTtiPmueaY7tEqmDn4IF_0iVJLtgpGwhN3DaPPv2N3GvMHFkVsDr8m4z-lS1oHZLPPW1UiSoz58bpIVK9X0PnpxD9lB8ik9CNeNH4fnrvPrgyAKjjz2OBN2k3tTM8G6RttFM2TMkLikAoCzRvdNJIs9ONBC_631fIzeMHRA3LZqF9Rr3G7QdCnzRQH9t1cq7IovqwtU6CRjOsf5ReISn6g-PFuGr0R0SGIVYwVx4O1U5_K0RaxDfseOhLx-pnvvyvJKn4TWIP-KySE8QorFD9a_xc-CbCGglfhfyZyK-I9nCsOEDXHqpLrsD5f9rsbhQkVWHxZ_C8go4DadRwbT4A5nfVBsy3ZdJ4QcRwV2b9GQIPq12BIdUepg9XmfdG6k7Yb643ywBGK4uRovOuLo32XELCGcLuVhT2YIKbmcGwj4Jh5Z1YWeRdUQ1DXWlqFmAWcVt0eUwr4D9w0BtfUswdejmI1AKyiL1TPvEh_XL1wvgK-zmHXdyw8__rTyrIfg8mUuke2nkHfTO9o9EfOutVLO5cex9cQO2xVfgqxjI-3DeLqTTiiHodoBJNOHDOCyBobTMmtDGqPCjemsBI4qM1T6p2C8yNYTt-FTro2fPQwsSlKNGAp3cPph8b4V9FlnSrCGdVABNF6cUexkX565aZ7PsPplCsAhhNyKR6p7BYBf4sa8128ZDH13KR9sGcu5J9teeA-calTY1kLviY7B80w4qNHqZzVq_bxTm_dEUgAnNvhDucP4rmbmvzFOnnQd6ozbCndv-SQ3ArUR8IJITWfC-qyd8xHX45fY77Ovp2CzlynqVATB1Educ5aFgkdlNDr64pVbFOyCiIvaOmsb3yoY5rGu8e2J7evSKQeFVg5nDhUaacG3sTLVGTsQifypzoUgGQDbDf_8c0fMbjVsIkP45pq7OpFqgHIAAPqSDAV5tBpE55CYEabo_gQJAVmjbg3lOLtp3jGj0cprAA0or8iZc-tOtj9Bq63ZlkeeA_OVRHE7BpBtZoxYyhv4emKu34eYKq4g0EW24xNYGx68zwxIQMlw9-aEua6D2laHexXwYBaCnbOWoNAAOHjmWtcDEllzzN5V1A5ZnjVxWYbiFUKjOqddz5cAMoABtyFrc0BFrvaaAFjObwcM3iYqKLNSguvW7lSScuHSXC7Vt9XyE5kUUC69pBolBpQoov0IzcphRK9OPEHRUjy77NgCDcCYD_gU5ErBfEmCELUJV9xf7iY_jl8YTu_waWZ6_ffP2rtwuZgnLwoCByw2E2b95epE_OQneLaSBefFgdu4_uzmSSlZc9Dr-bhu2rb8452qOOfuEpnLAAtaxUIPJvszq0ok6odXan5k8iZZR_pm0awu4ISzan-oNi21aITvonPvzzFqdHH3u03xZz19p6ovka60Jjepw6fcu9OMkHVl6sG3BX2sH2MOxkhKkQg5_vHP7GXbB2gQ2svXZ1HFRiBultQiLxyU93TRkzYrY5o-OaJJa50OW6Wzf8g2cyjApSs9gYnQ5Hzs9AhkugKcpH7EJZ2GtdAXWH5Vs-7PAoznG7eShVtQUH67wKMgSztwAmtj_19h8hecBBk8MTo1yS2uV9Mkpy7w1ZVr2BFAhhSBvvaiO17kQ_7kSRWHUbHcDgyRSI8MzojQ6kPxfZ_kmErFMQYR83cGj-dWUMVr8FhWCxFfT4AGukFIbTmly0pD1WXursJR4-tTDiuUwPsSA6lgvFIsK4Yq4b0f5H6jmua8UIxrZK7iO5LU3W5ghpfoMreS2fMgy9am_Y5nIHd-OZg9y9yr5605MCFh9gXKtDRHFzU1tnOfPgKzPYbY2QCglHY8Xu5c2XhR8zhiw88fL_ortfR0T9PlbYUTnhLdlukyKnZm8jS9janxpgQjlinUtltJ4hnwCkPEMWkFrSRa_GmmPlGAg_NnmAILfSzbI9nOaGbk6W3IsEXob4R8JSh93Ttnz1SZHkcasDSQCez1BIp5hByVrZT0vccBnQ5SMYTflCHlxsYGKef2ykiObD210J-B2Gg2_sGaBDDgWBwl7gMCeodkHVL6vmwliuAXnZ9pt2Ag1m18JoS5C2Pi7lATf0zvGUm3u6tGnDIFslu3Xh6e4ka8Mkxx_w0VCq_a-F6pLCrMxOLKBnG-i01Jop9bYc_5abBPDuLMkKjHjmBjj3xJKq1WRa_V-eyrcVMR27M69UMbr2aikShBYAXqwGoaHNqlcRW9IvcsQsF9wHTmfCYWLLYuXTy6C-x50k9MGZ6Sf9KAqG3cwSThF0IGXS1CKZFnAnpKDjJjYxgBjd-EVqXe8FiJrLfWJDw3yXcrIg2o2dkFvrZHvDa4XNSOrEvoht1wjkmys5Hk2yay5VTVrVuEFhkww0ZvNk4lS-OVbRRZ0uvwUJ5l307N-TCUZfpnaEcCtRVsTV8HIXSJZuvuSMAGN3Y8lVBnf8QuVwqj5-x0ZMP9k9dpoOAxAhfFXwpD5bpM6ikEl4Sb2Oy0sdsPWG4b2Ku9W0Q8kSGbiOxkgdEsYVcCadFcS3wMPg7dFKV9w96ygb8kvxN3p-6AiflBYH5IR&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fstud.com.ua%2F&ds=l&xdt=1&iif=1&cor=8119915948126591000&adk=1033480531&idt=86&cac=0&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 15:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 15:32:31 GMT
dvbs_src_internal113.js
cdn.doubleverify.com/ Frame B2B6 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=198000&plc=6985913&sid=18330&dvregion=0&unit=300x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:56:00 GMT
Server
Microsoft-IIS/10.0
ETag
"0b85bd045ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19448
multitracking
ghb.adtelligent.com/adunit/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19332/hbw_master_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://stud.com.ua
Date
Tue, 06 Dec 2022 02:54:40 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
prebid.1.2.aspx
inv-nets.admixer.net/ Frame 8629 		42 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=2015136538-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Server
nginx
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://stud.com.ua
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8C17 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Origin
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 10:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Dec 2022 10:10:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame 8C17 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGsCJ6-lXySg3pxJv_ql4crrIbkC-ZxwDTUIbCuOEAT5qT7sbnZtQGCNqm4-3zR7bQmNSrpEt38dJvQoNf5N0aSNLazQ&cry=1&dbm_d=AKAmf-A-HkP72yWsFNwTwRS-lhqkveq55DKiCZueMHe_MZjKwyqTW6NNmgMN3ZFdynhQvg1aQQkoSGJQzzKttLOy6uKlx5g-fgL6kBbJX9HW_XobRm49k1M2Uebw6nrj_gJHCCGWPUfdSZLd5xsTAbvYvYzQdCFFqy6Lga2znikeiDbkR-gb0g2IObwoCbvuS4Ss04KjyKhfZnqwBCHJLI2LHj5EODce58HPPqniWo6b7aqncLec-3hsxYztoBCDpjKvgLdX9ux5jVcMj5CcgO_2hEM-xJYDvCjPe61eBUAQsUaYf1s1ZtmSMPw0yktOUp6LkowW1QLMif4bciDYKLpxC1tR1deg6WSjgG9JDlmnG6rZeI6gKCz7CyEsuWjYvXrmE4-FD-1Og0VhI09j0fC9XWS_SkO025wxZKMYcyyWuG_Kp9j2z4Yss8WECbNBd9_1JCl_Z8xIJQxedcYY4JXd7yEJOBjU1rlSjja0uOpApTjyQYd8t9VctiCKU39dmF_2oxeQbhjM4bQ7TYH4n08PShVkWnjbOTpF7HzD9HiqPjGMldo_MWeWBpYKNvn3WQlLO-7La8kF1nJTQUNvznaS6rl2ieVkkGxH8XR3IlQrvCFtjYSC3Bc_Db_ixplhicMn3FOd5OJ6NIILnH6vCSkWT2sek8IbxIwcIJlfQ1JRe32dw3kPvx0kxs2u_PSt8AwbLE-TI8BM2oPtz1BtVojiRNQkhqWMyItf8PgxoLFsRMOTJTomkk1_PF2NON7E9x9FXKOGgPqcP5wCTv1HJ85QCMjUeV8qYC7G62avUIWufLh9K9vyQDVS4T_pp4ws3GtXHhfFOMSQiDK6G-wTMU4kd17g6fij8GCdu1wNEvdEtwv86Qqjag1o_zkRA_dTa8-03wnl4WlgihzE9h2d7MfafNwsFvBkoJuIUWTdCSNXrQ3-QmUJpjj86RS_kfZ3E8HbD-3YyeopI3kqwExikoohq-m8Xf5uNQwSyblAkGX001DkkzsBuTnIpNE49aPGvBbz96Pmf2ziyTDIK-XONvsV9ylMeVsMIufZF_nSQY5X-gCvWEP_tEJRE3NPMuhMXOdnaxDeDfzPlAsocPXlgO8wbDScswxwyiU1rMSif-wSFj1Sz1yn1fkU7NaT01XMUrNPLEQI_reCHjmsQcolze1PhgBpQxz-zj4gTrcJkA_kGRAZYwZvHEN9aKYGjaVTuwSKic9d1irAN4VIpV4hwtb9iHD1wq-fqoWq-xrG9QXE8BF-f9oT-0Eix8f4RRw7q3Ss9bjORr3NcmcauDNwGvjs_AVtIf10FIKkOPe9FaShWVh-gdcqnQcIfiYDVOaIH7cloJiZ6BDop89HZiM_n-zk687mcPexEfYCn1KwvEo8dAFq4CWPtjuFk5aRztUuy-mhfgFVtLbJ_Mg4HMYeYGuzVsqtSAHFMR7fC_f7OmPEwr6gmEyHWsubMdsk1j9f5Vn5e6k0D5pJL0y5GsKB03h4XlOewvqDbh2CZ3OQcEC2i6iYXuUQMp9MN9Ao1zXrnrBX8-Wlpek4zvqmbiX0QY6Xp-VZDiBAk2OC67NRAGWW-JtKGgAkLa9uLMD9yP09DWRJHUsTLMINGN0zQKigVKJFAM6jaJeLy7GkkvAjvu2xkLOPWzmeR76opCLpR_AU8bq5REx2w7C6AcNflmeWGkXdCgnrczolaycCS7VxWCMRWnVGn3lJvThtDxnayGlV-n0EZtzjTX6yW3p9trUwUOL4bQox165aFzI_yQtClp1taDIfuK2Yq9fhoqVAYIdp2qLLHrla2Q1dn1GaJRMAqsz4w0xPAKxnx8EQ0Khq4qw4qIo11FKQNP2pcTCYsvmm_ea7o6ZrCJaWvEtXbb7AfR0C3b5OW_ta7QILHKgrug8eCwk9otOE2Z8xPe-7ygh7Juaw0WEMEWzoJ-h_UMGdX5WikbJuQM0V9aSgY-opf3gYe30l4UjqyUjAEaNpGkFk14haRsuvYfc-pJEevmguQ4TEsW51qfVRszyu3mziRvoZ08zKCJ0JOX7nuJWsYMnoVdt8jFHH4_dAXO7gKmnKaWDyWSdiG7yKNfe1uJrIB0WzDDizx4nZafKDprdpDHcnbg1cU6x-F-vqv8K9zqMqwhoe0kW4FRRYKLxou-rSdqTulMWDHuN0Q3DPXB_hq6MoKO8_-GPE6un-OzMhPImbT8Yh7QktTqFw9ZbrUiTxCjImLjxq8lRAMaY1CKwqdhThY93ibnM2keZRt8iouZYof2p83qCy05naV5zY-K9Oky-56p1C-qB1ylswEtcBEeBdH7XfVW5Qo9jmlu10D-M3RFYgpTGI54q72zKVNzdWrjbiTc6q5yBd9nzrxS8LXKjSjmF4pMH9miHCSFT6eJj6vTpKK1hoxsvuR4VL1WgsMRIInNy3KNP74OpfrnAtQjaay_-b3kPdSny_Mzi3pOcYxhcj_Vmk9vUTTgbnlVfjoL-TM-6xqgCFzrb4NfU4ud_dEbtmMWimd27wUXF4EXCHJDhkE2xHeYgEsJzAWjIAbzoq2D6RtzNDD24W5qekOKkImInJ0n-w5vgH7axUMhrpPDSa6Y-uaN__eOK-p7fWF5XNE7LlpUyK_PYNfjONk85Yn2bDhYtla2NK0GF4TzX1MhdosGon9-iGJuuKyCBr4DJD45MZSGp4U7ItmzqodibPTQy-t4oL3voy69DjoeN47h3Ov7jfkHMzW1ZfD5m1WThF-T2KCB4p_Hh1xH9OlLzx_mRaEdiO-GrNEyYWaCsCZQ6YsrEwpSpbVpD2A2jVfcx6jRzUvNeM9XnpKB1IgNLqWksXv-2E3Py5gohB1TFHG1egSbXP3-SzcGt-ShlyG3rforOupQoWWZzIVABmcAN81WqDCqoZVklSGOQFnwNaIP95-7XAIVqnoBv2LDZ0M6NJeTz_f2-8we7XHRASpVnoQKCZQfOtSeGIkxoO7odrZCk3HlKK9haZLE-kIcOc4vIbERcdOHpCMSgmxMz4ttEWRD2fTDyMMrFQC_ixflwFVUyeoEbRbAA0WPTCFSun5Ziod53oQV8P90YqV_Jw_JfN6fhiaiSTVnaCwTpgB13ROxQP8oxrAA7zr9giJWdEhKp8oRpTu1BzRgVnVB_-nYy8G7MCNG4oech8spJedN5tCijxJ0UnlGIVlki_8RsG8T7PYjVn1nanfoVxX7ZOyzfDZ03gS8i5UhwQ&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fstud.com.ua%2F&ds=l&xdt=1&iif=1&cor=17034531157143050000&adk=4188270525&idt=103&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 00:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
8091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 00:39:50 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 8C17 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGsCJ6-lXySg3pxJv_ql4crrIbkC-ZxwDTUIbCuOEAT5qT7sbnZtQGCNqm4-3zR7bQmNSrpEt38dJvQoNf5N0aSNLazQ&cry=1&dbm_d=AKAmf-A-HkP72yWsFNwTwRS-lhqkveq55DKiCZueMHe_MZjKwyqTW6NNmgMN3ZFdynhQvg1aQQkoSGJQzzKttLOy6uKlx5g-fgL6kBbJX9HW_XobRm49k1M2Uebw6nrj_gJHCCGWPUfdSZLd5xsTAbvYvYzQdCFFqy6Lga2znikeiDbkR-gb0g2IObwoCbvuS4Ss04KjyKhfZnqwBCHJLI2LHj5EODce58HPPqniWo6b7aqncLec-3hsxYztoBCDpjKvgLdX9ux5jVcMj5CcgO_2hEM-xJYDvCjPe61eBUAQsUaYf1s1ZtmSMPw0yktOUp6LkowW1QLMif4bciDYKLpxC1tR1deg6WSjgG9JDlmnG6rZeI6gKCz7CyEsuWjYvXrmE4-FD-1Og0VhI09j0fC9XWS_SkO025wxZKMYcyyWuG_Kp9j2z4Yss8WECbNBd9_1JCl_Z8xIJQxedcYY4JXd7yEJOBjU1rlSjja0uOpApTjyQYd8t9VctiCKU39dmF_2oxeQbhjM4bQ7TYH4n08PShVkWnjbOTpF7HzD9HiqPjGMldo_MWeWBpYKNvn3WQlLO-7La8kF1nJTQUNvznaS6rl2ieVkkGxH8XR3IlQrvCFtjYSC3Bc_Db_ixplhicMn3FOd5OJ6NIILnH6vCSkWT2sek8IbxIwcIJlfQ1JRe32dw3kPvx0kxs2u_PSt8AwbLE-TI8BM2oPtz1BtVojiRNQkhqWMyItf8PgxoLFsRMOTJTomkk1_PF2NON7E9x9FXKOGgPqcP5wCTv1HJ85QCMjUeV8qYC7G62avUIWufLh9K9vyQDVS4T_pp4ws3GtXHhfFOMSQiDK6G-wTMU4kd17g6fij8GCdu1wNEvdEtwv86Qqjag1o_zkRA_dTa8-03wnl4WlgihzE9h2d7MfafNwsFvBkoJuIUWTdCSNXrQ3-QmUJpjj86RS_kfZ3E8HbD-3YyeopI3kqwExikoohq-m8Xf5uNQwSyblAkGX001DkkzsBuTnIpNE49aPGvBbz96Pmf2ziyTDIK-XONvsV9ylMeVsMIufZF_nSQY5X-gCvWEP_tEJRE3NPMuhMXOdnaxDeDfzPlAsocPXlgO8wbDScswxwyiU1rMSif-wSFj1Sz1yn1fkU7NaT01XMUrNPLEQI_reCHjmsQcolze1PhgBpQxz-zj4gTrcJkA_kGRAZYwZvHEN9aKYGjaVTuwSKic9d1irAN4VIpV4hwtb9iHD1wq-fqoWq-xrG9QXE8BF-f9oT-0Eix8f4RRw7q3Ss9bjORr3NcmcauDNwGvjs_AVtIf10FIKkOPe9FaShWVh-gdcqnQcIfiYDVOaIH7cloJiZ6BDop89HZiM_n-zk687mcPexEfYCn1KwvEo8dAFq4CWPtjuFk5aRztUuy-mhfgFVtLbJ_Mg4HMYeYGuzVsqtSAHFMR7fC_f7OmPEwr6gmEyHWsubMdsk1j9f5Vn5e6k0D5pJL0y5GsKB03h4XlOewvqDbh2CZ3OQcEC2i6iYXuUQMp9MN9Ao1zXrnrBX8-Wlpek4zvqmbiX0QY6Xp-VZDiBAk2OC67NRAGWW-JtKGgAkLa9uLMD9yP09DWRJHUsTLMINGN0zQKigVKJFAM6jaJeLy7GkkvAjvu2xkLOPWzmeR76opCLpR_AU8bq5REx2w7C6AcNflmeWGkXdCgnrczolaycCS7VxWCMRWnVGn3lJvThtDxnayGlV-n0EZtzjTX6yW3p9trUwUOL4bQox165aFzI_yQtClp1taDIfuK2Yq9fhoqVAYIdp2qLLHrla2Q1dn1GaJRMAqsz4w0xPAKxnx8EQ0Khq4qw4qIo11FKQNP2pcTCYsvmm_ea7o6ZrCJaWvEtXbb7AfR0C3b5OW_ta7QILHKgrug8eCwk9otOE2Z8xPe-7ygh7Juaw0WEMEWzoJ-h_UMGdX5WikbJuQM0V9aSgY-opf3gYe30l4UjqyUjAEaNpGkFk14haRsuvYfc-pJEevmguQ4TEsW51qfVRszyu3mziRvoZ08zKCJ0JOX7nuJWsYMnoVdt8jFHH4_dAXO7gKmnKaWDyWSdiG7yKNfe1uJrIB0WzDDizx4nZafKDprdpDHcnbg1cU6x-F-vqv8K9zqMqwhoe0kW4FRRYKLxou-rSdqTulMWDHuN0Q3DPXB_hq6MoKO8_-GPE6un-OzMhPImbT8Yh7QktTqFw9ZbrUiTxCjImLjxq8lRAMaY1CKwqdhThY93ibnM2keZRt8iouZYof2p83qCy05naV5zY-K9Oky-56p1C-qB1ylswEtcBEeBdH7XfVW5Qo9jmlu10D-M3RFYgpTGI54q72zKVNzdWrjbiTc6q5yBd9nzrxS8LXKjSjmF4pMH9miHCSFT6eJj6vTpKK1hoxsvuR4VL1WgsMRIInNy3KNP74OpfrnAtQjaay_-b3kPdSny_Mzi3pOcYxhcj_Vmk9vUTTgbnlVfjoL-TM-6xqgCFzrb4NfU4ud_dEbtmMWimd27wUXF4EXCHJDhkE2xHeYgEsJzAWjIAbzoq2D6RtzNDD24W5qekOKkImInJ0n-w5vgH7axUMhrpPDSa6Y-uaN__eOK-p7fWF5XNE7LlpUyK_PYNfjONk85Yn2bDhYtla2NK0GF4TzX1MhdosGon9-iGJuuKyCBr4DJD45MZSGp4U7ItmzqodibPTQy-t4oL3voy69DjoeN47h3Ov7jfkHMzW1ZfD5m1WThF-T2KCB4p_Hh1xH9OlLzx_mRaEdiO-GrNEyYWaCsCZQ6YsrEwpSpbVpD2A2jVfcx6jRzUvNeM9XnpKB1IgNLqWksXv-2E3Py5gohB1TFHG1egSbXP3-SzcGt-ShlyG3rforOupQoWWZzIVABmcAN81WqDCqoZVklSGOQFnwNaIP95-7XAIVqnoBv2LDZ0M6NJeTz_f2-8we7XHRASpVnoQKCZQfOtSeGIkxoO7odrZCk3HlKK9haZLE-kIcOc4vIbERcdOHpCMSgmxMz4ttEWRD2fTDyMMrFQC_ixflwFVUyeoEbRbAA0WPTCFSun5Ziod53oQV8P90YqV_Jw_JfN6fhiaiSTVnaCwTpgB13ROxQP8oxrAA7zr9giJWdEhKp8oRpTu1BzRgVnVB_-nYy8G7MCNG4oech8spJedN5tCijxJ0UnlGIVlki_8RsG8T7PYjVn1nanfoVxX7ZOyzfDZ03gS8i5UhwQ&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fstud.com.ua%2F&ds=l&xdt=1&iif=1&cor=17034531157143050000&adk=4188270525&idt=103&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2eaf6ba223aa3e584c45e61f98c53c8369dfb8f74430f92206d728557a29bf16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:09:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
6317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11190
x-xss-protection
0
server
cafe
etag
15869917811587367608
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:09:24 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 46E7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 15:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 15:32:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4740 		1 KB
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
58235
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 10:44:06 GMT
etag
48472445140208031
expires
Tue, 06 Dec 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 46E7 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
122bce79d8dc846d26040ac599f8422dd306e50d87a40212dbd2f56c46303d7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ Frame 8629 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 21:21:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Dec 2023 21:21:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 8629 		221 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=stud.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
929048e6f1ecb4fbf70387e63a018fce0ed854b956a69c5cac16e17fc717d1c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:41 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A2BC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpRSvLPbqkbqJvEDSQ6PT1-k_Yr6nPfymQot0xdFplt8Gzu5zb9ADpXfNQWiPy9XXobFqVX8ueJkJSSpyIpdWLpnd0CW1pJcpXERUM-9ZUnfy3X52dz1pCjLxc8Vqq_t_w8S1nm0Ek9tCMUXnhGfqlGRwNRB3hg2pBb14cWEeevr6UmBo&cry=1&dbm_d=AKAmf-DKqFl7Dy7RTM2NyizSAHhrfzT24H0d6vk-a77YqmW3VbcoH2jFvj1OIUSAxXDwTPOdaoK86lAm-NYSzJdNVV4bntmEQjr-bR1n-foI_0uvZBfj4Z514eKumJ8DdtJWg3b8PgcIOi4ciutdYA4pW3MyNVrdHRtRDwIwMjj6-UeDuDM60SxIzPtqXbu1beFwGPTlaPXWbzlROCVW7FiqnBkQQx6ns85n9FM2rHrWDc-8oLJ_8Ql2EEvcPI82h1y6_X8jqgopy7am9QoffxMjsJIhrFOovFareVDGdTAxqDf2vPeVNW4ncG-l_yroYiWa3Lwy3swjBh3QPM1YMBkaFeh6Ai6DIOPqdPFbB7SsWhH-Xpnpgc05E2Nd46arxEePKoFIe1VxnRAL_qYJujsR6sSXWNP33NXff8Nu3fHvV5ET6uEMb_6zBDhwsY3WzFOsa9Nb2yWUFZs8EF0Zi6mC99_i76kAlhOIHbuTfP6VejQJ9xaI91cJkq9br3GYM5qNLefdppv5kS6QbWvYhCbCPXlh4BDqy27DWbXAIHAwAxnq6-MJWSU82a41weEWbSYpMW-B39Z5J6JeqyoV9EAa1uh2Ljg8kV22uuNZrOzTyq2dzpj63fVW6QwS11Jl7Aww4_CcASl7ah8v906TVzCXAWlhtDhaW2zRoJmCauDGILjP6oFkZi4V0FwRAdOPERiL5ZdMY-w0W65WmWd5ZFno4hBb7KEGEoNs02kwJrca5W2TbQfnbL7_-ZaBKyRWMjW5LUY-0xPJCfFkznEDH2uWpy6Asfizsb5Ob7GSrZ5JGhLjxRBEZ7miYGKen0bYKG7pjTWBcy4u5_0xoaW7d2VGhal-knGdeGwyYRI2I-dUJNEimzShguesDwQusZkdAU89yADopYxmqVHiuvi-3Ad7NAOodRE5pr5p47UT4VzTmnYaN6eErAL6e2pDgEuHdZnyNCD9mlbiPfCiolsULSr1q9KPJJJUfTPNbz3srHMgMF4aWC9sKSvbkVvWs9dHEy3789TPpyad8XBj7SI4EkWsymoXnnPK4THVrfdnyIzL2mc7IhwflHQmdJiz9X7TLU63_YR15iBMiaQ99FiD4EhqA1Lk9h1yNQvuTtUlmOhhf1XOjd7Pgp2oYDR26v2GuPyRJi8RA7YBJlzBBwgseZ1-UfHG2Nwp8F9UGPGnnoUo4fjZWCHUrzs4dnXsUN0iuQGq6KuQQYzi72_Kqg56-YPIL-mdIMK7EpVhm1-95AL-LV-6tryEMuZoSao6AqZA9Xpgi3eLe7dbWqRMRZ5B_M0bAIW8dV1SfgXdHOP3MYtuZ9i1TRaiUhWcPfp5GsJGeWieIYqagW_ZbznU7Sv2O-SmmiGHbWXh0Te2X08Pu77rz-Scr0qdlREC5T8kSykneeab-Gkuimzp5qUd0Pyp8aoeAjqO83TNOdrOpce0heNPt7dKJRq7Q1fArNFlGIsJh0Ibk9Ols4lUZD4tHD87Hb0SmbWrA9XOty4rMP6yC-Q3L0xn6AbErywWpLSWJk2qVebOpfI-YFYi25ccylPpCMu88x80c_rWXSjCVjE4q9EbhugvJsJt05Av9yCNaMn-olGeuIBoYYNdc7byHvfXVpCTmfOQ_PKAhDwfWAWAaxZYnB0XdxB8JnmQz0tHc67LeVPKy8AnXLfUqJoRwN_0Ab2v7NNI-SmniZ2BAq5X-x2YF2WaY3xEOigprIFETVkcoT1e1VvNegnkHz_BUP5exWlwO-2AaAn6e9_9U78ISBibRIm9HPVTTLTVIOk5lmqyAN__6UMOdYGX4EYYa3DaEkJ66IHXpcnXdMp0xWi8d_WNbPvC0iy4jNihm4iOxqHlnDaYohh3C3TmqN0oIA9syoFxwO7tPQhTvgPFrYhZeL2CjmfIPpWAmh24PvDWH44g9koA-O_NvU9swwnbsn_h1mAYz5ishIm67fBO3VovdOAQbIWHO1FpOOayj6Fyxd8pfAB0NTCvR9p5OMQndqiCUXUweaS1mep9MP8bNvsKF0mJFkwdow2EN6JYRGOHKCnopQ-9XTAfsQ3gc8cj5JnjIFta-CsUf3nX3jfYZQLq9P_2o6opsA_5ISjKP6Qrr_e3eOB3ffoIYDi5eJzJhNu0ws9O2fe3udik0HAN8HEV40U2lLJrDAD6Uot5TsK8epecYdASe6vP21WCepC0x8R9-0E-iyBBC1QDVKuZR6M3Xi3dLmUbQyNAEam9GK5wnM-ArTuZhSO-XoH0Aer7XR5cE4x3owRGkTWFK1WxFBJB4TChKpb-gcYqFzbAb_8ezdt-Ih0IK5cCD7wYIWTn_B6z3bpOwiCbVVthkg77M6HptufICxL8lp_qni3H8IVVSwCkvZFAtxC2FiLTI9xZehVSt2Xgimss5X8K1yvxyovMN90pF3_K8KahL1cyPUzwPtyLOypaVTIweEKihfPCw089Lu3OD07C4U5V6gS1U3vGEVueRMLfaWZ2mHZpO3HTIJr-3AIwWCh-Zk1S9QHIKdx7PqSDVnkpihfSbTj0Jfv1NbdumK6murJjn0P_bfJSxr_1HAPYCOWrl4wjQhfvju24hA6LVae8KEklzhLxGtv4nf7icO-mhKSzF8hem3mXGj_WZLqhYaerJeTfrQu5tIwFwMG_HsO9mm6IpB05tsyQJ3k6-cQ3zHrPLiWVdB4CBmHmbVgJh2D_Bp2QUf6Yc4gqDVBa_ZuT0HwMQP1uy6KxlEkLig3WUddxssAlXWp4wcfWHI4g9AV8F-QqYqkvvKIS6WiF47UkoMXqUec1ydg2OK_8vvf3HjynAGLz_OzL-tKOTohVVJgg7jq21r5VLHjhM4UMR3Mv0mRawCJyGYg3-5nQn9dc6bDc03NXsC-RJvpSx1D3Lt0bw9NLUOeXkb1vXDLUpLZxRuW76LNChtdIh7NqDfp2bcySjrTVD91x1u58v0bDiL8IKpPcMNBdkrRSTU7w16ImGTPnwxt6s8Z-pl5q2Clf1bQ7x7Qvhj1Zxm4NpbQFyrn2nlovylQsFLZDmucorZfGDN2gfiE7fLjFkkKPFNQi3EbFFNcL8Ggiq3cFm959he6NXg7KIqMnqiFjx-zSBcnUPrL04iEFJFzBCUEjIOronL-nEi4r_m52MCC0hasQKylgQ8M9iOfqQJu2q6YCSy0hLwS4Zj3uLtIPWFoxH4HYczPDzarXwHjph7ro7rMtLMw3BUOWe513ds1RgW1wwQemDm8_ocpcZgxUI3IoPVuVttsZK0lI9PgizCHNE1-n7HwLfLVbp0WNUhtPOYC4aNUNNrGsMpVuykWga-lETIL6SPaBvYLgbCbqgEY6oRQSfN_XV8-I7USxR9ovhrxrS8RW2dOQQe2jnEpDsjZC3gdAcqlOQvrwo5paysdt0HpF4yOhIyJQos7GRhlX9rplFawNzz2KSmBtuE2e2FL32CBv9j76KrNCsSDA35ELbK04b0T2KXUYRUeiGWwj6PGbj8LVSXehSKcPYZwas4hxhxCai9eGIW0jfEl4DV0M9tGU1SGyWY6zy_Ywad45bm71TkHiY67ycIoUiZLljC9HG4qxIC5TLItLOq4R_Lqx3Jrd9anxXnAK&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fstud.com.ua%2F&ds=l&xdt=1&iif=1&cor=13838816206504473000&adk=3690638929&idt=109&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 15:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 15:32:31 GMT
dvbs_src_internal113.js
cdn.doubleverify.com/ Frame A2BC 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=198000&plc=6985913&sid=18330&dvregion=0&unit=300x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:41 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:56:00 GMT
Server
Microsoft-IIS/10.0
ETag
"0b85bd045ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19448
syncframe
gum.criteo.com/ Frame 7A32 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=stud.com.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:41 GMT
server
Kestrel
server-processing-duration-in-ticks
720459
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Dec 2022 02:54:41 GMT
hb_analytics.aspx
prebid-inv-eu.admixer.net/ Frame 8629 		0
238 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://prebid-inv-eu.admixer.net/hb_analytics.aspx
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=2015136538-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarypRGGuQhxDc8DNCen

Response headers

Access-Control-Allow-Origin
https://stud.com.ua
Date
Tue, 06 Dec 2022 02:54:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
verify.js
rtb0.doubleverify.com/ Frame B2B6 		1 KB
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_811898643415&jsTagObjCallback=__tagObject_callback_811898643415&num=6&ctx=15911784&cmp=198000&plc=6985913&sid=18330&advid=&adsrv=&unit=300x600&isdvvid=&uid=811898643415&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=99&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=16&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauDEF5%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauDEF5%5D4%40%3E%5DF2Tar9EEADTbpTauTau%6036f4c_eg63chf5h4e3e6ge6ggec3fae%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.50&callbackName=__verify_callback_811898643415
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
6cde524e6ba549ae2892f37515bba1cafa432bb0cb93049f189dd434a50b078b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:41 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
12/05/2022 02:54:41
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 893E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
40917
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 15:32:44 GMT
expires
Tue, 05 Dec 2023 15:32:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8C17 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 15:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 15:32:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E7BD 		1 KB
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
58235
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 10:44:06 GMT
etag
48472445140208031
expires
Tue, 06 Dec 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8C17 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5804b1b2063b20c732b7c083513a9e0d1ec69bfd59b1b51282e670504b454b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 105C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
40917
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 15:32:44 GMT
expires
Tue, 05 Dec 2023 15:32:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 4740
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC94tgexSdE13nREyBojprc&google_cver=1&google_push=ASkJ3FZfeBH5Z4oEnJ6P1EGEVqaDh2f3MkPbTs5lvZ-N8hykfLnz3hZ51P...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZfeBH5Z4oEnJ6P1EGEVqaDh2f3MkPbTs5lvZ-N8hykfLnz3hZ51Psv7Z_d8RdYdeWLaH652unJEjqZ6di38bJsgoPz&google_hm=wRYBrpFw4EHqF0Dj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZfeBH5Z4oEnJ6P1EGEVqaDh2f3MkPbTs5lvZ-N8hykfLnz3hZ51Psv7Z_d8RdYdeWLaH652unJEjqZ6di38bJsgoPz&google_hm=wRYBrpFw4EHqF0DjsZKweQ
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZfeBH5Z4oEnJ6P1EGEVqaDh2f3MkPbTs5lvZ-N8hykfLnz3hZ51Psv7Z_d8RdYdeWLaH652unJEjqZ6di38bJsgoPz&google_hm=wRYBrpFw4EHqF0DjsZKweQ
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4740
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEROfYUe19MM4OOHN1Y2iiA&google_cver=1&google_push=ASkJ3FZWbcQgMU8F0s7Bl_Dtszwxc1pTM_JSLrvtFOOyad4__8Sye37K8v-1r6sesEkvfcOsoZfs8bTgbSbCUyQMfq6J4Hicxw
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FZWbcQgMU8F0s7Bl_Dtszwxc1pTM_JSLrvtFOOyad4__8Sye37K8v-1r6sesEkvfcOsoZfs8bTgbSbCUyQMfq6J4Hicxw&google_hm=Q0FFU0VFUk9mWVVlMTlNTTR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FZWbcQgMU8F0s7Bl_Dtszwxc1pTM_JSLrvtFOOyad4__8Sye37K8v-1r6sesEkvfcOsoZfs8bTgbSbCUyQMfq6J4Hicxw&google_hm=Q0FFU0VFUk9mWVVlMTlNTTRPT0hOMVkyaWlB
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:41 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FZWbcQgMU8F0s7Bl_Dtszwxc1pTM_JSLrvtFOOyad4__8Sye37K8v-1r6sesEkvfcOsoZfs8bTgbSbCUyQMfq6J4Hicxw&google_hm=Q0FFU0VFUk9mWVVlMTlNTTRPT0hOMVkyaWlB
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 4740 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJevRadti007n14VAbOw32U&google_cver=1&google_push=ASkJ3FbvfQv1eptB8WVGi3fQEafUDOZ63SqugD2EQQCd9QfPOAofD2vKVJyG0SeA1DCqfr565VXE_rzOPbluE6xpsvncxPTH
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
tlapletmsordm5ap3vdpjq2ms8dfj6mr
pixel
cm.g.doubleclick.net/ Frame 4740
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaOmPN_gc_WIMV20QPaKbNXjGwTK8DYlYp9K2Tc-mJldTs3dl4b5u4RJLfjyDGVWDUwp9IKBfuJ9B8qPBASlpb-w_A1nA
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaOmPN_gc_WIMV20QPaKbNXjGwTK8DYlYp9K2Tc-mJldTs3dl4b5u4RJLfjyDGVWDUwp9IKBfuJ9B8qPBASlpb-w_A1nA
date
Tue, 06 Dec 2022 02:54:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4740
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsI7_PHO3jsSyiw4uWryZ0&google_cver=1&google_push=ASkJ3FZsqAMkbslVo3_7Wpyvmx1xJkefvARsvsDMHe55Rv3CPgDkUCKf27TSvYg0h7ysGuzp-Se...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OTU0tMTItSFI4RQ==&google_push=ASkJ3FZsqAMkbslVo3_7Wpyvmx1xJkefvARsvsDMHe55Rv3CPgDkUCKf27TSvYg0h7ysGuzp-SepNnwthudB0H8rUu5OjGf-
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OTU0tMTItSFI4RQ==&google_push=ASkJ3FZsqAMkbslVo3_7Wpyvmx1xJkefvARsvsDMHe55Rv3CPgDkUCKf27TSvYg0h7ysGuzp-SepNnwthudB0H8rUu5OjGf-
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OTU0tMTItSFI4RQ==&google_push=ASkJ3FZsqAMkbslVo3_7Wpyvmx1xJkefvARsvsDMHe55Rv3CPgDkUCKf27TSvYg0h7ysGuzp-SepNnwthudB0H8rUu5OjGf-
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4740
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FYifJnOUo6psa2FAn2E9CF9C71NyxobG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FYifJnOUo6psa2FAn2E9CF9C71NyxobGjQJ6dX5MeUat8RMItk7qv-Prs-XL06DbhTcBDesoKVFCKNrgcI20uSW2QODdA
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQR%2FBAThNQUrA%2FNnrj%2Fay14CpksW3JS9fEjfxDraBapcXDLUtq%2Bxbou5FFqd0R3femnvnfNct8QQ8ARt1eUHCdScoRG6vnUsInBGasyjXsNgn79hD%2FCAEL8c8nBOzaW4sY9A7Bujws5GBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FYifJnOUo6psa2FAn2E9CF9C71NyxobGjQJ6dX5MeUat8RMItk7qv-Prs-XL06DbhTcBDesoKVFCKNrgcI20uSW2QODdA
cache-control
no-cache
cf-ray
7751bd065ac7dd1b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 4740
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEG_Pb0TshKK3-gaM1YbOmTo&google_cver=1&google_push=ASkJ3FZU3O2HXEVc9UGNhIWfva99WgYPhLNfUkl7QZJaTl_pXWfxSdO2u1BIj3kYhQSh8pB5LGbVzVp-DQcODZJaFa_og92mwA
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FZU3O2HXEVc9UGNhIWfva99WgYPhLNfUkl7QZJaTl_pXWfxSdO2u1BIj3kYhQSh8pB5LGbVzVp-DQcODZJaFa_og92mwA&google_hm=m24uzQTZSYm3Nw6BmM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FZU3O2HXEVc9UGNhIWfva99WgYPhLNfUkl7QZJaTl_pXWfxSdO2u1BIj3kYhQSh8pB5LGbVzVp-DQcODZJaFa_og92mwA&google_hm=m24uzQTZSYm3Nw6BmM5UIg
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FZU3O2HXEVc9UGNhIWfva99WgYPhLNfUkl7QZJaTl_pXWfxSdO2u1BIj3kYhQSh8pB5LGbVzVp-DQcODZJaFa_og92mwA&google_hm=m24uzQTZSYm3Nw6BmM5UIg
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
cache-control
no-cache
content-length
0
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 4740 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LyvhWGWc2j-DNakggpcpYNj4cAhNwdLuk6dVFTnNeEj17S2EykVF_myf1UR9ahnlCLIK5u
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
verify.js
rtb0.doubleverify.com/ Frame A2BC 		1 KB
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_511309493462&jsTagObjCallback=__tagObject_callback_511309493462&num=6&ctx=15911784&cmp=198000&plc=6985913&sid=18330&advid=&adsrv=&unit=300x600&isdvvid=&uid=511309493462&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=99&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=16&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauDEF5%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauDEF5%5D4%40%3E%5DF2Tar9EEADTbpTauTau%6036f4c_eg63chf5h4e3e6ge6ggec3fae%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=4.30&callbackName=__verify_callback_511309493462
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
fed72901ca483968459068f26a7d91f7083f93551ca9cda4657796d7c91092d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:41 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
12/05/2022 02:54:41
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 278E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3498
x-guploader-uploadid
ADPycdstKbdDr9AAOZLekjc_I7jMlMAbaNIP6qLL98DMdThFKn4WYSAoP94Y2agIZpOBsJ2hoFYdM9fbmMzaFnfFIrTStDA_Bg
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BY5UWFshU14ATRlO5RAibxE%2BOPVYwwEN6RnqZJPa2jMek37Bm24Mw2mQlDB6MxgXMw0XwIZWgl49bwPnH6tWcQsi1MmYc%2BFUq%2Fh7Z4Lzyji2gB%2BlnR%2F4t3tJy1AUhW%2B8owugFcWt15rJEkerXezKAeP"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7751bd067cd27501-LHR
expires
Tue, 06 Dec 2022 02:56:23 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 523E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
40917
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 15:32:44 GMT
expires
Tue, 05 Dec 2023 15:32:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
frame.html
ad4m.at/ Frame 4CAB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
802167
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7751bd05eca97576-LHR
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 02:54:41 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lylQj3bUhc70R0DBk3zHabh7SmXLfcS6MMoF3ejStR%2Fb3NhsFpWDp0PFKuN4nkqKAR3qD8h6TtJILzZlj%2BHIjBZNtMGt1JLzpKttbhxuC7fexVRTkbxfJq19mAzoWPzCMUgRTWA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
index.html
s0.2mdn.net/sadbundle/9974715383312914420/ Frame 8E54 		26 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c12634c69fbabd3590fd2757c1986ac39068ceda738e24c37a9026c9f7811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
565422
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5284
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 13:50:59 GMT
expires
Wed, 29 Nov 2023 13:50:59 GMT
last-modified
Tue, 01 Nov 2022 13:43:47 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8C17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssseCESQww3WCi_Cv7JgIXmJOfo89I9-cZjQTbcbhsurPa14C62mBBS2w7jbhZXyqN2xqhHKf4OHS2jP5z-VEFfyuNaEXYn8_FuzcDHWEv7cf968YKcbYDlyDMm7cw-h06sT3bdvgSyfQR124DRA-jpZL8B6wFGrSdo8z7U57DXzDeFqlBIy3m2L-ZDzmsoos0m6W_lq3uvqTtvsMaakUvw8FOxVMYEUEyNYXS2oARrR_yWmV9pOlt2zSDMbgdKpqVYUzrKP2f157lkluC-D11_KC_qJfJSWeJtsUWF8VAcZZv7QDsPEFk8oNaxrjgrdC_I2Ai_LQ-3kUEeFWYfDPxTZ5mGusrt38QWNLPFZ-xUWLns8dtmcG4vF0yqygN2eniZhJM1IacOfnrZR3Az7uCoktAOO9cyaLUP0mtwtVxtMI9rakq7A15gDNPxEpgd1Ve7HtAc2DrYjZWn5AiDolxUeqBbAdfSgX2VAn6ShqAwODgLO6O95OWudgrfkF5Vto-0jtclkZWFNBB5IuRnYrUxVJz9fA5SoGjU9PfpWPxKRGU5JReW3DW-NJcvVEL0j9FZgXhC86A9MzhzihW3xgcuUmn-SWXn_LDYicLAf6G2keYuvgiqnNtrWie8BqSpVCsKuzkyw8qgGH9KznTQz9lwSy_kPgU-cO5fj_xKgGMCwb7ad3Ukp-leq6L0UqHlekJNhjmp-Dmdr2DPrsPaJxvP8jIsYe-hKIb0tA6u4-vVdF4TwkRF7peGSDsoG-LZD2jiSTRW0MunK63BwGV1BYQEWixUs8umag31R7QUmTHeodMGaKRNVbPLtuGuJT5RXslycfrS_ZAMeQRXOonAjcUqQGFzXA2-iLgCLDRef-Oovy7ssFTEdMU61unA7i_KgHlXql5TP1CNb6gv0GuGJ43kkT5DLHk_Yw3Q1SgzuCPE3C8MT_-x_5ycxzShpl-czlRpwRCNqlLQchyKKI_xuwDjHSeqVdoRYKCpTnPwbet_0L4gK-zmWKOZIixzdEzF7V0Ciew2_aLRVE-jaruPLNldXnKOqMfpLT1OvfEGJliv53knGzmY0FakSBFwegquyzSRNEQlCIoMInvquoRx4osNCNm2L4lxcAwwl5CvVZcGsfTnGtBSzI50jMp1SfNVl76prlvw0W4iZdR0hB3nmt1gcv9IS1csv0EKOfqOybtiTqRk3J3dEsBuK6nnJUg54kgN1PZRLtU&sai=AMfl-YTByf2tpjtVH_rsA0UYCX9uSAiYhgvP3FRmR38hNS9MRpF3wsd5RPyOh-x95gXvRRvN5blLZxmBw5lGxv-9fGEmkVM2-HpkmfjxmKaRsSahBdGwc3vknzB1PDTfs8W9aPy6M4grVAyH_FNsi6DTLIQqe7gQhw6Iynd65jxEvxmhm7_KrQuLblEDzm1bb-2O6_r8N_fAmLrlM5MGf8Fvv0bqNgUYPvq7tHGtfvRb70L0h9aGK_eW1t5FsvN715n1nO0-mrwHcr4_Pbwmgj_ly5B6wzcNKKuuPg&sig=Cg0ArKJSzJOT62Mj1U8_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=208&cbvp=1&cstd=204&cisv=r20221129.11753&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:41 GMT
index.html
s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/ Frame D219 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf6cd2ca21a8357e8ab1db7c9add8551b4bab7403d332db88925b0ffea15237c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
362887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2361
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Dec 2022 22:06:34 GMT
expires
Fri, 01 Dec 2023 22:06:34 GMT
last-modified
Mon, 03 Oct 2022 07:27:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 46E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHVS45cmq-rUc8Gs8XxwFUy1bDnEqC6Bf3FZmIGxey0KBGEPLVV4e8non6BncFimsqef7xENNhEzoZo_4wRcP8DqLVOfQn7frNWCXLT_MZ_InMBGqYqE6FY6EVaXc4toNAbWaVB9TXliz_ZbKKMQ_VrJi1qA-mgdn4A3mf3NBofQcLETZmPU02a3mc4zgV1aA5zSrOJjGLwZFCahaBUMYsw1nLcjbQ0RkoXgvG6G1rOndpo0BNGrAZ65jdru3aDIEd9gfFHbhqRiYYgFFbaK9SVac9rxX34c-PnZMR9bqULRC8FWUTe3s8JyUMU8JdQY_yDz8qg92u7DwQLBTUOlDh1JWEnJwB2ahHcK1bc9cgMD5hGtk4IyBd4sGbBWa9QqgGYdIo0UWPU1_taGgLsivtcYtubz6n7GQCwRMXoHPtU3zM6eLELg8JgQjIjZAmkS3taUPxxnpuz9DnivIgxFX8B7O79Vp7cxH5L0JoHUVgqZOi5QTSEhiXwY44CU5eCR4nWm5QWJK99IkmsO6SgF33WSpsdBtfzDW40uzV13H_ieDlgKxbBGGWe0oEUFvD0D2BYmiBJRTrS2hnO-cElW-Cjw3UEIs7BXucbPdVD9ORnALXXfqrWqOfFekn8HYtj7l8Ox0VkC4e4FNAfYk3ysCrlo_L611gFku6faUNSaPYKBIwJ-9Le6w3ELFZfHtKEFZSgs4U7KLJvcTLQnaTTNIYd_R0dzM2Q0W8iOxrGHzKgsFbApnAYJq7TnjT0nWjt6xJzgnhKESRFpZvlcjJWIIw6EbC-oEEpOAKqa-59TbLphMGgPVCKO3CwYZ1Un24EdJmAmH8CeL-_7zbF4OGApdMSLk54OUNMtlGfCAkUTlv0yz98IGJOa4T2xaltwFYM8vE890SQw0XDofQjxv7zYXs4_BGnSjGuKXNhrdtOr1ZIhUFq3o086JJFgGFsIAK8B_9lcmFTjFwzGRDzLlxfexCMhjTbPycN0gpXPsAMlGhAM2TFkWXUWgx_WH89pvbT969hMVr9dCn1kegkSJ5yU297DotPRQtdYYegDMU7v7lNSjPll5M10KJ8MF3sLGc89SnDf4H_OR5YIydn-m030hhDEXsxxkdk0tbekzylMrmdWT5nVf71XWbU6QZ3Z-0zxUAgrKxDWijMLlByi_WeTKhdKCM9QlilfxwBvs0kf5rSGljOoPspmqwjadIg2EhF48UkeAjNi7IzBwWhePW-Q&sai=AMfl-YQfPVnUjt-hwOkeAILQDtpdIzm581DYMtZbQ4Yv9unTukHHpwvrLnN_PzbAYWEs9kSQQLyy1iJQnS3fx26wOK6dMu7R_dqu6w7Ns3-GDB5HcRBz5yoc_TEt5RpMb7WLr7JT_0FP0pGvwKCWQHlnxz27mIVR34pqy5I1r4t4YTBtDo0tXmWQI8vm2cqIj7mrEdRXPVybNtdHPgG2anbQrzogoveFv76F3WvONKovme-AoDLsZCC8jmeh2gJV-E01vOeBozLI-WQ&sig=Cg0ArKJSzKsXubCk-eCwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=302&cbvp=1&cstd=300&cisv=r20221129.76905&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:41 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8629 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseaDyBB29gtWEVCu2Cw1Y-mPBu9ex1yfD_2EZUEZeffQQpfLsvC2N1t8rx_gewxNzyv6Q0pzTfHZnRTfWREXx1NiCYKnSp62EIzu04oH8-MC9dVUSwhMAzI0eaczhNKh23A-A7rV1thmqaAVZE8KauyS_I2w904ygh0qyNtuh3MZIUggzSOKpRGFMmzGIKTFPkrFkMtaf2qxH5FXzFHXtB_IL7MOeJ7ZQ-ni3Z3oHpTslU_vN5SNOtfUnnyxEHUwq2UEGl-EXabRos_Ub4Rl04tOr9EOPRvNzkpngkquKOPDi2l9asZZIEXaqedNl4X-E&sai=AMfl-YQ-mNxdQrggbGD3Q31LGiK2istqxEIzk-pFHrHfvBRdRnNC3Yjh2zvqDFp64F9hDANk815gG8hsZw51Uf7lEhw7NHASmjsu-9XMFxLekQ-LkM3JClngx5NbskbB6a2X&sig=Cg0ArKJSzIH9gtuIp5jVEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221129&jk=4274417511305150&bg=!7O-l76vNAAa7eOFIm3g7ACkAdvg8WoV6PqJk9BrljM6opsn9NSWPEGCDQfGsPZVGlGxg2f3vah5zqgIAAABrUgAAAANoAQeZAqZ6YWRjAjKgk6jqTc8bqLwWxL1qvQn2PJeXM56pBPbs5TVRtgw-FDZqxuwI24hj4U2ZB95Z3d9yrwYHlHwiH4Sx1Vo-yeTaBOy3t12sUV-HTNEBa5GptuyhATUHSAHxpnRObi_8-kP5UfhM00mE7Hypa2onhXpr3CaXibrquEeos17YgYGpGK_qfuo97HZL4S56fvFyltBpJDh700ZOLe-HaC7a1KCOqGV8Q6HOPsx2gC6TLShE2pGIEM8wMMelLdRmArI0NyvWpDaVlRisHmIsokqfTFyHPCQLdrtKT7FpeLHb77-FQX-9UonBE-rLLeNjKuad0G7E0wXhBIprtPfEJUvI7Wfhx9Ns_a3wXbk5W4zm4wEG681xCveZREFDneTIWEgGPE6M9NjipjL_k8ywDAMq96CiwgKbiQblt_C3GqeMtNHqdAKRLSSS7RnpXPvPLlWwc-ZMQuzlqb1rWKPS8ewKJM-Jn414R5ahUn1xvIcs3cC3NO06zTbo_vg52XkMVOtI32xRqqzRUe3jHFR32UD1ceViQIOs8cqhUW4h3h7LvtJAiulPI2DpmFFV_ffncCWlqomn2KMbuPWVXiEus3EPsEftT2gG14k1TQ32xqw38Aa1m4aQXUlJrJIsnzLmZP_GzYAJ9PU1fkdoAW1H9GKMltWEdvhSJTaE0PCASKehM0vwkMBgIpvWghbcjAYhJ7pbSUxaFaTY7IFR6kL9fQWRhgUMXrVlARRP2BO62GVcwowjvlfe9dH3yJGCv4fMos43XEvb2pCWDmHVm_5Lp9kmgTDIWYmjPaVAxAOk0hy0J3JzNCQROkwcKX1yZku1QLG5tjC1lfzBgmc1c0_urzhEuKtU6z71zfcFO6VtEQg36L-3PPPCxh1dUyyuD5YfKQZ9omA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
4.js
static.adsafeprotected.com/ Frame 46E7
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1196176/66167959/4.js?ias_dspID=3&ias_campId=1009160256&ias_pubId=pub-5656744916850703&ias_chanId=1&ias_placementId=18467292430&bidurl=https://stud.com.ua/&ias...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 10:29:38 GMT
x-amz-version-id
i0qbiPqmbLZpjIk1u6jGgDNsSmNkOU4Q
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
404704
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 01 Dec 2022 10:29:31 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
K7yKefkiG1L3eIKDCnrsUv0jcPKyJLMBPDrW5xR4Lc_5D0uer1PIrg==

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
nginx
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 06EE 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6520705
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
EzSU6Rwgb5P6vK9wERO4pz25FbHgMwyGmAyQ7O-R_wM0WxyAv0VBpw==
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame 893E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 07:04:19 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3C5F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
40917
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 15:32:44 GMT
expires
Tue, 05 Dec 2023 15:32:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame E7BD
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC94tgexSdE13nREyBojprc&google_cver=1&google_push=ASkJ3FbCHRvQW_njWirrZ2WfLSUYsrpHWrgbiYsBstOgeIPBIqtjR7n6oa...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FbCHRvQW_njWirrZ2WfLSUYsrpHWrgbiYsBstOgeIPBIqtjR7n6oauwdJKJF2IE7XhIeNVyjTeqGe8YVZ_RcR61T56HaEId&google_hm=wRYBrpFw4EHq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FbCHRvQW_njWirrZ2WfLSUYsrpHWrgbiYsBstOgeIPBIqtjR7n6oauwdJKJF2IE7XhIeNVyjTeqGe8YVZ_RcR61T56HaEId&google_hm=wRYBrpFw4EHqF0DjsZKweQ
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FbCHRvQW_njWirrZ2WfLSUYsrpHWrgbiYsBstOgeIPBIqtjR7n6oauwdJKJF2IE7XhIeNVyjTeqGe8YVZ_RcR61T56HaEId&google_hm=wRYBrpFw4EHqF0DjsZKweQ
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame E7BD 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FZ89w-x4Mg1LLAM8zPW9k9L7E3IxKMvPSu4m7PZMcGxgPm5w3H_DEEpeYbBHWAF19dVVrJycL1XSS4USl4bpNPOAARQV_M&google_gid=CAESEMrmoGG4X3B3szWKQxERQMM&google_cver=1
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync
odr.mookie1.com/t/v2/ Frame E7BD 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECqmzbyMX5WnlZDyJ1FiDtA&google_push=ASkJ3Fb2W1SmRvjRLYgUFAqUvqX4UyiFMVMChnuGEkaB0wINvq0R46SZuP-JMPVvfzxd7jOovSbhwsjYciXyteP4ayvAwpzXNpXj&google_cver=1
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame E7BD 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJevRadti007n14VAbOw32U&google_cver=1&google_push=ASkJ3FY01pbhss293FX9t3zhxEpqFd7YlKJtHuo-d9qDZpjLXchFhluNeRcuMApnNIzOF7PJXTx-EO-7gjoYlmwEImFEaG9oemU
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
3ivinl2a3fohagp86tjjum5btf31adoo
pixel
cm.g.doubleclick.net/ Frame E7BD
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbgV-pDcBKWk8gtqkfukvn4NSUJxAxPoagyOP_XPeg3dTBWLP5FQyBWsY6mjhvciQFBZGCgrL4UGkv4Z3XLu6_sE8nuSfw
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbgV-pDcBKWk8gtqkfukvn4NSUJxAxPoagyOP_XPeg3dTBWLP5FQyBWsY6mjhvciQFBZGCgrL4UGkv4Z3XLu6_sE8nuSfw
date
Tue, 06 Dec 2022 02:54:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E7BD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsI7_PHO3jsSyiw4uWryZ0&google_cver=1&google_push=ASkJ3FbwIXwDJ88dxN3rUdWdynVvMZRn0S2r2LssybEKMK9OP472k5laFni0XcAXbHBDGFbEwM5...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OUjgtUS01TzNH&google_push=ASkJ3FbwIXwDJ88dxN3rUdWdynVvMZRn0S2r2LssybEKMK9OP472k5laFni0XcAXbHBDGFbEwM55GMhLBkv_zR_qKVBrMbbIt9yV
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OUjgtUS01TzNH&google_push=ASkJ3FbwIXwDJ88dxN3rUdWdynVvMZRn0S2r2LssybEKMK9OP472k5laFni0XcAXbHBDGFbEwM55GMhLBkv_zR_qKVBrMbbIt9yV
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9OUjgtUS01TzNH&google_push=ASkJ3FbwIXwDJ88dxN3rUdWdynVvMZRn0S2r2LssybEKMK9OP472k5laFni0XcAXbHBDGFbEwM55GMhLBkv_zR_qKVBrMbbIt9yV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame E7BD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FYOknhQ5z2bUuMk5D9ARpweaen5YxWu8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FYOknhQ5z2bUuMk5D9ARpweaen5YxWu8-ccR_Yr4kBC-rJEoJRLxti52ZUhBF-ktORM_dmZH7MMxszaqfGaQpqoiBS_2kbT
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDPaNDItUU3ledcFdHXmSGnn3vmaLQ%2F%2BiT5bgnSELBpIJWYzJqCOuFEfzcXJVfB3vMRCrzdAAGfarT4QVxvCZoIUUDz47OIUvAs1Yl4D4Xc0xkF6WJ1q2p5neWLRkTLCF8M8b9cUS9oEmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FYOknhQ5z2bUuMk5D9ARpweaen5YxWu8-ccR_Yr4kBC-rJEoJRLxti52ZUhBF-ktORM_dmZH7MMxszaqfGaQpqoiBS_2kbT
cache-control
no-cache
cf-ray
7751bd06cb08dd1b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame E7BD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCLZwDIwxSduA7mw8ApCz0bq6Oy-3A512w5kh-K2Z7s5bflcN1EyW59C16cohAAiGnyxN3
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sid
mug.criteo.com/ Frame 7A32
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=stud.com.ua&sn=ChromeSyncframe&so=0&topUrl=stud.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=swjd_nxLRG0zY0loRWdvN29wUllLV3RobUxwTGFvWENPVUc4eGxMaVFrR2JLUUNJdDNkTExWdnI0dVk5VG1CTWxvc0hZc0ttMzhqOXJzaFlQWVlMbW11bnJmY0ZqbUtIUnFLc3pJM2k2OFJHZUZPb2wrZTI1ekJYOXZPQV...
422 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=swjd_nxLRG0zY0loRWdvN29wUllLV3RobUxwTGFvWENPVUc4eGxMaVFrR2JLUUNJdDNkTExWdnI0dVk5VG1CTWxvc0hZc0ttMzhqOXJzaFlQWVlMbW11bnJmY0ZqbUtIUnFLc3pJM2k2OFJHZUZPb2wrZTI1ekJYOXZPQVJvWjRwUDdjUytxVG4wUkpzcjBSOUExMzhmczhoSmw1VnJwOTFtd3N2Z1pHV2pQMlV3V29XM2ZKWW84QXlKZFhLRjhUU3RBVDVwS3cxL2dkcyt5Z1FKZTFDYndRTElYLzFLUkxPR1ZYb2VtbEN0TE5MblpuRmc4QVovWTh5bFdFVnVjaHdQcUtZZG1pNCtNay9XdU50MzN2VW5DRk9Idz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0f270a8e86b9492388fa052b78231971859de971ffd23873568b5a5852f44ecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2145512
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=swjd_nxLRG0zY0loRWdvN29wUllLV3RobUxwTGFvWENPVUc4eGxMaVFrR2JLUUNJdDNkTExWdnI0dVk5VG1CTWxvc0hZc0ttMzhqOXJzaFlQWVlMbW11bnJmY0ZqbUtIUnFLc3pJM2k2OFJHZUZPb2wrZTI1ekJYOXZPQVJvWjRwUDdjUytxVG4wUkpzcjBSOUExMzhmczhoSmw1VnJwOTFtd3N2Z1pHV2pQMlV3V29XM2ZKWW84QXlKZFhLRjhUU3RBVDVwS3cxL2dkcyt5Z1FKZTFDYndRTElYLzFLUkxPR1ZYb2VtbEN0TE5MblpuRmc4QVovWTh5bFdFVnVjaHdQcUtZZG1pNCtNay9XdU50MzN2VW5DRk9Idz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
726146
content-length
0
expires
0
dt
dt.adsafeprotected.com/ Frame 46E7 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1196176&asId=c6e7fad8-0970-8bab-d694-3824a72b30f5&tv=%7Bc:vYU9Jb,pingTime:-3,time:64,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tpcwMuh+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C18%7C19%7C1a*.1196176-66167959%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e111%7C1e12%7C1f,idMap:1a*,rmeas:1,rend:0,renddet:DIV,siq:23%7D&br=c
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:a19c:ee18:a235:a64b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 46E7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1196176&asId=c6e7fad8-0970-8bab-d694-3824a72b30f5&tv=%7Bc:vYU9Jd,pingTime:-6,time:66,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:66,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tpcwMuh+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C18%7C19%7C1a*.1196176-66167959%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e111%7C1e12%7C1f,idMap:1a*,rmeas:1,rend:0,renddet:DIV,siq:23%7D&tpiLookup=ao:stud.com.ua*&br=c
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:a19c:ee18:a235:a64b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
integrator.js
adservice.google.de/adsid/ Frame 8629 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=stud.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8629 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=stud.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8629 		58 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1146154848671526&correlator=1985965347161576&eid=31070946%2C31071148%2C31071155%2C44777901%2C31061167&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=29636627%3A21931593928%2Cstud.com.ua_970x90_hb_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=1&adks=576569433&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2d26b261fc1b7c0a%3AT%3D1670295279%3AS%3DALNI_MZP3mTGh0Jt7ulD-efw-JoEoJ5AYA&gpic=UID%3D00000b8e70637430%3AT%3D1670295279%3ART%3D1670295279%3AS%3DALNI_MbWv7_MM4UV4lr1j2dXSJCIC8jvAg&abxe=1&dt=1670295281734&lmt=1670295281&dlt=1670295280872&idt=704&adxs=315&adys=10&biw=1600&bih=1200&isw=970&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=kwg29yyjqh4d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fstud.com.ua%2F&ref=https%3A%2F%2Fstud.com.ua%2F&top=https%3A%2F%2Fstud.com.ua%2F&frm=23&vis=1&psz=0x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=523528440.1670295279&ga_sid=1670295282&ga_hid=828974514&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGJ--7arOMEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6555d0cd8ff3c66a3aed31e847dc2de95e328b539563b673d90cd04ca5e6825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12986
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://stud.com.ua
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8629 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa63125006170d55d40133a28ff3e8a8c64b38682caedfd633fa67433bd5b281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10914
x-xss-protection
0
container.html
dcf81719440b552ac7f611b82d5d89f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0451 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dcf81719440b552ac7f611b82d5d89f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:41 GMT
expires
Wed, 06 Dec 2023 02:54:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 46E7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1196176&asId=c6e7fad8-0970-8bab-d694-3824a72b30f5&tv=%7Bc:vYU9JF,pingTime:-2,time:94,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:760,beZ:761,mfA:762,cmA:763,inA:764,inZ:767,prA:768,prZ:777,si:782,poA:783,poZ:803,cmZ:803,mfZ:803,loA:825,loZ:829,ltA:853,ltZ:854%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:94,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B89~0%5D,as:%5B89~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tpcwMuh+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C18%7C19%7C1a*.1196176-66167959%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e111%7C1e12%7C1f,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:23,sinceFw:70,readyFired:true%7D&br=c
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:a19c:ee18:a235:a64b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame 105C 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 07:04:19 GMT
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame 523E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 07:04:19 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame B2B6 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=6afd23dafba34e1784d60d15033cef27&vfdur=264&cbust=1670295281752852
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:41 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
12/05/2022 02:54:41
dcmads.js
www.googletagservices.com/dcm/ Frame B2B6 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 06 Dec 2022 03:44:10 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame A2BC 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=199fb393252847ca89a5d91cc94769a0&vfdur=183&cbust=1670295281754430
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:41 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
12/05/2022 02:54:41
dcmads.js
www.googletagservices.com/dcm/ Frame A2BC 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 06 Dec 2022 03:44:10 GMT
rs
ad4m.at/ Frame 278E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be8496f57a7d3e2fb42225fb550ef292310df08e23c928dfb86aa5763a995cbe

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2F4p%2BSgpOO6EMRtPJOPTr3e%2Fm5UAF0j09DsIICgMgAwLoqH8UWzjY4axwKpGoucmX3JUZV%2B4rPDXuHw2NMq%2B6yfkJO%2B3SQtqu4WVTRGxWKuxle%2FtQETGZc8a9HlYli8UcnNwxs8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7751bd07d9be240c-LHR
x-backend-server
aa-reachservice-group-europe-west1-v578
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7751bd07695b240c-LHR
content-length
24
content-type
text/plain
date
Tue, 06 Dec 2022 02:54:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqfNVbs45S5npWbHQIXVD6wkIC%2B0zlx%2F311z%2FEjO8Fjo706vx6meiMvXo4cyTdItDjdD6BcSqsVASHUX%2BfkKzVtV%2F54eh%2BHKjrIj23YezvO9oVDIwkMlKPMDRhFde0GBv4gUS4Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-v578
caafd485a4229a8786e33286a6757f51.js
s0.2mdn.net/sadbundle/9974715383312914420/ Frame 8E54 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9974715383312914420/caafd485a4229a8786e33286a6757f51.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9adf2872df2e729a3f068d8372119d928ae9b5fc6b54076e452fdbf84ab5d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565422
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27504
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:43:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 13:50:59 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D219 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Dec 2022 02:54:41 GMT
728x90-filipari.js
s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/ Frame D219 		58 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/728x90-filipari.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e409149efc9f5886d5196c4f98976b1e4f2d4f523ad480ce6393f7ec721dc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 06:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334088
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11231
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 07:27:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Dec 2023 06:06:33 GMT
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame 3C5F 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 07:04:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8629 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 02:54:41 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame B2B6 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 02:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Dec 2023 02:07:50 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame A2BC 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 02:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Dec 2023 02:07:50 GMT
css
fonts.googleapis.com/ Frame 8E54 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500|Roboto:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9974715383312914420/caafd485a4229a8786e33286a6757f51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1bacd17873c96bdbd350c12414feaac6d0b8cca24bf7c7a76fb2adca4da029a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 02:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 02:54:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 02:54:42 GMT
b04c565e98e18177eeb20b8016d74cb4.png
s0.2mdn.net/sadbundle/9974715383312914420/media/ Frame 8E54 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9974715383312914420/media/b04c565e98e18177eeb20b8016d74cb4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0e720f62b459f49955da948a39307b9af8b26409a3369937ada7707ada38ccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:50:59 GMT
x-content-type-options
nosniff
age
565422
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12569
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:43:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 13:50:59 GMT
899fe4ff9f2dad1ecb5415ff402f2ec8.png
s0.2mdn.net/sadbundle/9974715383312914420/media/ Frame 8E54 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9974715383312914420/media/899fe4ff9f2dad1ecb5415ff402f2ec8.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3642905537a976d941a808ef02abf0acc468623e46d2f6434a48cdf2ea9914bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:50:59 GMT
x-content-type-options
nosniff
age
565422
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6562
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:43:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 13:50:59 GMT
623b97151031684d8d8cf50d4b296fb7.png
s0.2mdn.net/sadbundle/9974715383312914420/media/ Frame 8E54 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9974715383312914420/media/623b97151031684d8d8cf50d4b296fb7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5363a271c8fbf6e6a6679886d4bcb588d1bc0702a938df09dd80ba581afd92f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:50:59 GMT
x-content-type-options
nosniff
age
565422
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11645
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:43:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 13:50:59 GMT
e91c4ff65230c58bc83bfe630f9762a2.png
s0.2mdn.net/sadbundle/9974715383312914420/media/ Frame 8E54 		860 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9974715383312914420/media/e91c4ff65230c58bc83bfe630f9762a2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6d1d18414542767c89d12c9a0414acc07895660a06b062a754f231710cf93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:50:59 GMT
x-content-type-options
nosniff
age
565422
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
860
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:43:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 13:50:59 GMT
B9689862.280584279;dc_ver=92.271;sz=300x600;u_sd=1;dc_adk=2913917844;ord=2crxtf;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fstud.com.ua%2F$0;xdt=1;crlt=KaOT...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame B2B6 		53 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;sz=300x600;u_sd=1;dc_adk=2913917844;ord=2crxtf;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fstud.com.ua%2F$0;xdt=1;crlt=KaOTY3hYqv;stc=1;chaa=1;sttr=101;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
c8cd2c1e9bac5933601ccf529f3dac1cd6678ef578181ef411623579905ad09e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25702
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B9689862.280584279;dc_ver=92.271;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=764689869;ord=vadtq3;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fstud.com.ua%2F$0;...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame A2BC 		53 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=764689869;ord=vadtq3;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fstud.com.ua%2F$0;xdt=1;crlt=KaOTY3hYqv;stc=1;chaa=1;sttr=104;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
6eeac9335492aa35ade68bb9255dc5917c5018d055b111c8df9ff928ae923076
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26125
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 88F2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
21363
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 20:58:38 GMT
expires
Tue, 05 Dec 2023 20:58:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 833F 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c968d56c27b1a0ae8355f0d56c1fae6f92797597ac96e5ab2ee6f8415e72c384
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3K3bZdZujQ1d0ALTBGEz4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-3K3bZdZujQ1d0ALTBGEz4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:41 GMT
expires
Tue, 06 Dec 2022 02:54:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 33D8 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9c271b49d596b345906d1ce8e64521bd849a0bad25a9dff196cb7142848616
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hzwwv91wa69x5ycwsmpjf1k80xxq20hz1vf3cv5tgb02yh8wq70h471kwdnec2ms76s9kwm2yyjbx113f4cxwvtmznn5yp1y0v8ffy72kn6f26bshcp1nrgfsavyx8kvs45vsqphmva9nzdahd2d659xfjznfbfd0yj2t4k4rbfsphatd5ydb4vxv0f5ysnpwyd0wezpxbcsafp6qncjbqr8n8x6rcwwdy9gqb44tbptq53ac0pxnbmkgp4xc4przn8cxrkhd6efgn7qz3577b0dj9g0r11fgyb16hbak92xtw182410xgb01bcxpfcznc95h6tz35z6fbnwzv60t24zrme5nb3hp887t1528041cds7ggqp349vt8h24t2aqkftkp7q0byy12w5sfa9ry54k96x0gz73qa31hbd9g8cfybrw8sywptaafgzkjpbrg2n7h6yr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%26client%3Dca-pub-5656744916850703%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7751bd088e277576-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:42 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
728x90_filipari_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/images/ Frame D219 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/images/728x90_filipari_atlas_NP_1.jpg
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
613607903c79d25d0160be6ab1893179d0f41edfb0c7fd570cb2ffa192a68780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4416950175704689117/728x90-filipari/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 11:37:46 GMT
x-content-type-options
nosniff
age
227816
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37340
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 07:27:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Dec 2023 11:37:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 46E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHVS45cmq-rUc8Gs8XxwFUy1bDnEqC6Bf3FZmIGxey0KBGEPLVV4e8non6BncFimsqef7xENNhEzoZo_4wRcP8DqLVOfQn7frNWCXLT_MZ_InMBGqYqE6FY6EVaXc4toNAbWaVB9TXliz_ZbKKMQ_VrJi1qA-mgdn4A3mf3NBofQcLETZmPU02a3mc4zgV1aA5zSrOJjGLwZFCahaBUMYsw1nLcjbQ0RkoXgvG6G1rOndpo0BNGrAZ65jdru3aDIEd9gfFHbhqRiYYgFFbaK9SVac9rxX34c-PnZMR9bqULRC8FWUTe3s8JyUMU8JdQY_yDz8qg92u7DwQLBTUOlDh1JWEnJwB2ahHcK1bc9cgMD5hGtk4IyBd4sGbBWa9QqgGYdIo0UWPU1_taGgLsivtcYtubz6n7GQCwRMXoHPtU3zM6eLELg8JgQjIjZAmkS3taUPxxnpuz9DnivIgxFX8B7O79Vp7cxH5L0JoHUVgqZOi5QTSEhiXwY44CU5eCR4nWm5QWJK99IkmsO6SgF33WSpsdBtfzDW40uzV13H_ieDlgKxbBGGWe0oEUFvD0D2BYmiBJRTrS2hnO-cElW-Cjw3UEIs7BXucbPdVD9ORnALXXfqrWqOfFekn8HYtj7l8Ox0VkC4e4FNAfYk3ysCrlo_L611gFku6faUNSaPYKBIwJ-9Le6w3ELFZfHtKEFZSgs4U7KLJvcTLQnaTTNIYd_R0dzM2Q0W8iOxrGHzKgsFbApnAYJq7TnjT0nWjt6xJzgnhKESRFpZvlcjJWIIw6EbC-oEEpOAKqa-59TbLphMGgPVCKO3CwYZ1Un24EdJmAmH8CeL-_7zbF4OGApdMSLk54OUNMtlGfCAkUTlv0yz98IGJOa4T2xaltwFYM8vE890SQw0XDofQjxv7zYXs4_BGnSjGuKXNhrdtOr1ZIhUFq3o086JJFgGFsIAK8B_9lcmFTjFwzGRDzLlxfexCMhjTbPycN0gpXPsAMlGhAM2TFkWXUWgx_WH89pvbT969hMVr9dCn1kegkSJ5yU297DotPRQtdYYegDMU7v7lNSjPll5M10KJ8MF3sLGc89SnDf4H_OR5YIydn-m030hhDEXsxxkdk0tbekzylMrmdWT5nVf71XWbU6QZ3Z-0zxUAgrKxDWijMLlByi_WeTKhdKCM9QlilfxwBvs0kf5rSGljOoPspmqwjadIg2EhF48UkeAjNi7IzBwWhePW-Q&sai=AMfl-YQfPVnUjt-hwOkeAILQDtpdIzm581DYMtZbQ4Yv9unTukHHpwvrLnN_PzbAYWEs9kSQQLyy1iJQnS3fx26wOK6dMu7R_dqu6w7Ns3-GDB5HcRBz5yoc_TEt5RpMb7WLr7JT_0FP0pGvwKCWQHlnxz27mIVR34pqy5I1r4t4YTBtDo0tXmWQI8vm2cqIj7mrEdRXPVybNtdHPgG2anbQrzogoveFv76F3WvONKovme-AoDLsZCC8jmeh2gJV-E01vOeBozLI-WQ&sig=Cg0ArKJSzKsXubCk-eCwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=742&vt=11&dtpt=440&dett=3&cstd=300&cisv=r20221129.76905&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:42 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame D87C 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 05 Dec 2022 09:52:43 GMT
age
61319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Dec 2023 09:52:43 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame D87C 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 05 Dec 2022 09:52:42 GMT
age
61320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Dec 2023 09:52:42 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame D87C 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 05 Dec 2022 09:52:43 GMT
age
61319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Dec 2023 09:52:43 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame D87C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 05 Dec 2022 09:52:43 GMT
age
61319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Dec 2023 09:52:43 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame D87C 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 05 Dec 2022 09:52:42 GMT
age
61320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Dec 2023 09:52:42 GMT
css
fonts.googleapis.com/ Frame D87C 		4 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 02:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 01:16:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 02:54:42 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D87C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:27:34 GMT
x-content-type-options
nosniff
server
cafe
age
16028
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Tue, 06 Dec 2022 22:27:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D87C 		344 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 11:46:04 GMT
x-content-type-options
nosniff
server
cafe
age
54518
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 06 Dec 2022 11:46:04 GMT
l
www.google.com/ads/measurement/ Frame D87C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIuyxtHDHJvOltw5Rf1A3fAhsktCnfvzK-LWMNOZr188t5yRmSi33vuFCiJMHY5JC7-d42FNyJc3tYy55Zu6z2B5L-VQ
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame D87C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu3O_8a6OY_b4MaHK7_UPm4ec-AOKmcqZbaCip8C_EInOx-SSFhABIOPgvCNglQKgAdOx-cgDyAEJqQLYqxkEPpexPuACAKgDAcgDCqoE6AFP0Bb3pb9DG7nsqHZTDkLQuPZADKKbomE_eT0yqR2hE4uPdLDFUfRUXExBEHQq-vBySxvzs9WW5YYR0HsleCqeWVVMpWEKsUcDSkkQP7ppZ-hrZAg5sX0o32noxERXuhuJVCwA1WWotmm3_8VMOMPRZVFomXvucKM4Ho2DW3LaKkj3-ENovgmrZEFYbagqa0BlQoxtSWK3ONS0zprS33Qbi8CYClNXX4Ni81JYRa2_62l49tnLmFFK_4buiyA1K7MGiVyBxn7t8cIfOONK9e6w1FS5qJ7j7ClkQKE_O19TZ_nJ0chYzGVSwASW-_6JowTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH1pPlOKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELyeB9IIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjU4NzI2MDM5ODM3NDY2gAoDyAsBuBPkA9gTCtAVAYAXAbIXHgocCAASFHB1Yi0zMzc5OTY5MTE2OTUwMTk5GIu6Eg&sigh=XJobU3LxVIE&uach_m=[UACH]&cid=CAQSOwDq26N9phkXn8mGxesKqvY9vPlvhkTtAh9NlRHu-gSx16NR5RbWjtS7jGoeOM0JXpzj2wApz9ZIm0aBGAEgEw&template_id=484
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
hb_analytics.aspx
prebid-inv-eu.admixer.net/ Frame 8629 		0
238 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://prebid-inv-eu.admixer.net/hb_analytics.aspx
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=2015136538-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryqdht6bps8tN1lxxU

Response headers

Access-Control-Allow-Origin
https://stud.com.ua
Date
Tue, 06 Dec 2022 02:54:42 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame 33D8 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1669909960
age
384129
cf-polished
origSize=91628
x-guploader-uploadid
ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 01 Dec 2022 15:53:06 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1669909986917312
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y59mwazrHmgLMf2hYfAeEk9L2ot%2F25eZx1pL9sfOhg6erdvWK1ettVdj82pfkPscrz6lr%2BAg0rEZQjahT8YGzRdLk2bLHtfo2rfYuVb0Z3exmDJuLd97JFKk34jjl1xdSmO2eGDSZRo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
7751bd094eab7576-LHR
expires
Tue, 06 Dec 2022 03:54:42 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 33D8 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76082
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cf4YdSCZUUWn7V7wyn5Xuc0uUzI8jVNu4zxnhPPqlYTdFSDsY3osnVBiZCyjitlCcX0TqFi70rDev7ZGqNt0OXPo56l6h6d26Y3KHbF43VKXKFJ1tB%2FpCe%2Flx0kv3h66m%2BCw0eMmAWdpCDTW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7751bd095cd123d3-LHR
expires
Wed, 07 Dec 2022 02:54:42 GMT
BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
assets.ad4m.at/product_image/ Frame 33D8 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
747dca55f3574e0e2e2018f1e7ade84da708f8311d4ef6be6002b20b62e7a5ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75779
cf-polished
origSize=62182, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59917
cf-bgj
imgq:85,h2pri
last-modified
Wed, 09 Sep 2020 07:43:04 GMT
server
cloudflare
etag
"080d0c4839d9eb4fd08cffea44b1069a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KqEVDcMiM%2ByeXttu4v9noJpRzuKgJGYX%2FdcWw3UkycdnZCbu1AxM6mA8SDRW%2FvCPLEiFOE%2BlG82MtPrRT5HBJH%2FTwEbAy4eCWvBTgXs4OVTGwWQLuL8x9y6xV7S7CbuVuQgTRu1ssxj5fpA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7751bd097cff23d3-LHR
expires
Wed, 07 Dec 2022 02:54:42 GMT
/
partner.o2online.de/a/ Frame 33D8
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIDP2uf-4_sCFY3luwgdGvEBgg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022120603544279231136905X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022120603544279231136905X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2022120603544279231136905X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:43 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022120603544279231136905X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2022120603544279231136905X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 33D8 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76088
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3u4ICRDgJumGUIdTcrFjOs24yGCwuUWoQ7Emxt6vw8KZ5apnX%2BSmup%2Fyr6t2fCzICLENp5IY98jgK1sgEP6PCJ5L0vXSckdgDLwvg9ge%2FO9h%2FLqEdXW8S6T1qMBs3o%2FYTKP8wYnSvaaWbD7F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7751bd097d0123d3-LHR
expires
Wed, 07 Dec 2022 02:54:42 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 33D8 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76088
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O09IhuomF5iL4lo8a1zA2GVVNYCcnl9rO1B4mjkpfebZ7BOoNAPFy%2BwAGlupViDkFihX5d%2F57j9sDI1MVZaNdegNM0ZvDFrMbBDizOl4a5rlSUp9ri6FIvNIee6eth5js8q0bnsK5dNCmgPD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7751bd097d0523d3-LHR
expires
Wed, 07 Dec 2022 02:54:42 GMT
ztpv.php
www.conrad.de/ Frame 33D8
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneidmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1670295282_5537d690-7511-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
0
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1670295282_5537d690-7511-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
via
1.1 additional-webserver-blue-115j (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
content-type
text/html; charset=UTF-8
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
889651190
cache-control
no-cache
cf-ray
7751bd0c6a69756a-LHR
expires
-1

Redirect headers

Date
Tue, 06 Dec 2022 02:54:42 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1670295282_5537d690-7511-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 33D8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75994
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FpGwIcIKcUqxdx7XKkRMthHp2ToWW248LDZ%2BWhCYd8NjmF3tFRcQM3iMzs%2F%2B1DWZSIGgqOpilDG4l7EdLTpxMB%2Bh2W6RiGrRH%2BeVrKxSdMCfKnD71L86ZQLmsDsmvXwxah0lsYGej06KSeo"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7751bd097d0623d3-LHR
expires
Wed, 07 Dec 2022 02:54:42 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 33D8 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75994
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeM216pQ3cR%2FXZFvCrRf%2BJNnizAPcYlPGlIbotS9CjLAE1S4OS7bfCGz0F%2FBvyaOI1X4%2F1pf9HC0MHtgYnKBOgzu1JxbDsNasQPC%2BTrf3FZ7GNvZ48nhY7LJYSg7%2Ff3fnI%2BrLjJkLjplLaKL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7751bd097d0923d3-LHR
expires
Wed, 07 Dec 2022 02:54:42 GMT
cshow.php
www.awin1.com/ Frame 33D8 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19457%2C188429%2C117569&b=9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=d7e6727dac3b19a3b02bc8fb929e7535%2F10093206683373992385&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1670295281911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbk49cz3mvdexk3wqm548rgryt7kpv81y9m5gpevswh7062pb43dm7ad7sst1qv2xekehqy9nq8dr6v9q49w2zbhj39mm8hh6atf0jcgxftd8b8ce28crjz4am82hsdwp658b46hzpx33xf7sk68gqjfkq4ac5bw5xgen3ert7xdgq47764kn4r53ttgc8byxsarjnxpq059ce9k7ed5wvhy2z4qfrw3rcg6j6j1tfwvsphma90w90c152fkgd6147jyyxwdgzt2vwgqgjqn3bk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXRla8K6OY43EG4PA9u8PirqWoASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpApyx-zNembE-4AIAqAMBqgTpAU_QrDhu147OPAdLxcEB-1YPMhVysu5sugvaSo6avpjMRfVWqO_smwdUexlf0cdT7zzN0TGUtzvYBy1XBDVE4lMYPfHzS_FF6MR7XpKZSgI_Wi2z1_JUATuuuBH1ucvENpY9UfrPVk-a3JYaKSQbE7jUt3w6cKO_j3G_pRKgqdoHeOmKc0yR2lxHk2jBiRcG6qXuDsgEKOf5eA-o2HTTGxIq3YfzFEoQLAxONE1c9ygg8t2XCPiGv4wAPV-jw43sXkN1zrqduNdYxrkSS6fuI6IcuqwurSeR8PUU4Epr_OaHRDWBALT-AwPK4AQBgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0-7xoTx2RYJY0SGU5vI55Wx_OSag%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-253-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:42 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
6592766407814317453
tpc.googlesyndication.com/simgad/5906267061180034798/ Frame D87C 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5906267061180034798/6592766407814317453
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a33bc9544413b28cc3ddd79edcbae9d39fd385e9b12f5bd45a742035c1aa3068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 22:21:11 GMT
x-content-type-options
nosniff
age
275611
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17165
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 09:29:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Dec 2023 22:21:11 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/6544318235550678165/ Frame D87C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6544318235550678165/downsize_200k_v1?w=100&h=100
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21f5dd8a203308f3221c1a86def2ef84d69a87afd12a760c82494e6b29a493dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 03:10:30 GMT
x-content-type-options
nosniff
age
258252
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2597
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 09:18:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Dec 2023 03:10:30 GMT
truncated
/ Frame D87C 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b30c02acfdd8ba4d606e4c1a94bd41d1ec44bd3fd2fc5151bb8a66371986116e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 893E 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHRf88a6OY-6LENPox_AP-LCe6AEAAAAAOAHgBAI&bg=!-fql-r7NAAa7eOFIm3g7ACkAdvg8WlXSbtpAkgLaR9GIKogqomG5m___ubLZgohZcUcmfNfrO-cUxwIAAAERUgAAAAJoAQcKAEXcmrfC3gn--z28g2h2UjWFV0yq2PH3FVBem88b4nZvt7wNs5G7IKkuVuXzZJuohJQrM50HdiXczkwEseiIzKOUpnXaBfCZAuU1jj39njfs0KJSuxiUAxT__xA_OkU9fRBLER4nUd0_xGUPFnYve7iRt7w0BZXhGQwhwNTk44VzHWeGQlqUbtIxfWJda2f9DvcwYKW54TA2v3FvLR_8-A7BazH_fXybucFBBPQ5C2mBDxZ4PaeFSO9J-XEaBAuQ32DF3tnEtA3umz5eqPU_ztzlbjPfZeNebpeG7LMqQ89uZo9reTNwyH45nUlqBjp5sfvc5j0Y6NG4_ovxs8DqYjigEZLbsRzm950Op9RZny589o7tPfZDcZJfJnUicYd9_-lFzgkme7C7WpBdIlugoQtoQ_MYUNs6emIushpJ0FKBo3tklwJ-rMN1usoDp-gdPV2kldLafz_p4w3uT0-ei-QtdQT3DwDfrwdzaaP2N90LLdrtFA0B2MStRLisFQlAZt2V94TPy7UVhCmfMRvsEIw0PnfIOMqO5bcLvLranps1Dn00KBERN5-LP1t7YzkaQg2uubT7uAQu__StJGvaUDyv2BNucW4cZ4aVF66pJUEgFCqa7jAdDqnkAl4bIDM6E612oSLhVc-g1pnRzLtkWW6ADrrl1syXqp7UY3bds7eQkVk5087HHHpGdzblzXq32ze_iTvEGkUfFfknXsKNneXcVTiDE6Kkzx2kQfzZGyzA2CNIhEou5Dh6Zwa3TI7zaH7Yn7xGfXp2QeEVCmwRzuBtyAOL90ak12rRlp0cGa6zO3OPTyhM0zyxmfcV5qg2ZyC9Rv1eeQsDQXYZTlyg2PLGGW-MGKoIrWwN1RBdBmHQ1ZoCir238jYfBfMV5L3NXbwPStLdl81Htz7n4XeVLi9DAKo-2sZsvSLrtdFE5qQsWNpFhqkiEnrMGz4hQIPwpZtoTr-vNdnr-IxrnaI3GbxPmR9dcpTVsfe23aV3fUmw53M_fbX0MCjBwjQi1Tb-d3yx4GI9Y7C_Qct9MwcGCe1vCCKUe7hX9XNYN2FGsfz5F0N3MLpkpNdkf-bVQ0c
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 833F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=1146154848671526&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
c522ab6156a43e80cda442dc3d431353.jpg
s0.2mdn.net/sadbundle/9974715383312914420/media/ Frame 8E54 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9974715383312914420/media/c522ab6156a43e80cda442dc3d431353.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aeffa1bf2dbf59661c6b04ee5d7b6faaebee0a54d10a188b2b9773c073e75f3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:50:59 GMT
x-content-type-options
nosniff
age
565423
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2872
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:43:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 13:50:59 GMT
c2507086b24ce64257b9cb1a160372f4.png
s0.2mdn.net/sadbundle/9974715383312914420/media/ Frame 8E54 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9974715383312914420/media/c2507086b24ce64257b9cb1a160372f4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f810f56c712592f9127742b3516156f127c95c6d2987cbad759d5ee3466c0d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 02:23:18 GMT
x-content-type-options
nosniff
age
261084
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2576
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:43:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Dec 2023 02:23:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8E54 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500|Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
36590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8E54 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500|Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 11:59:40 GMT
x-content-type-options
nosniff
age
399302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 11:59:40 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8E54 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500|Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 03:39:12 GMT
x-content-type-options
nosniff
age
429330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 03:39:12 GMT
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame 88F2 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 07:04:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 523E 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BX7k-8a6OY-WvFI_K7_UPlveomAwAAAAAOAHgBAI&bg=!v7ylvPjNAAa7eOFIm3g7ACkAdvg8Wpkf8z75xfmyHsq1WUZeYi9Iu6YSnW2qz4H4pdrfjE9IHrD1-gIAAAEVUgAAAAJoAQcKAG2VmSzhKYJCTAhQwn3DusyupBkp6VyYMXyu2YSxJeNth_KqyEnSm_BN5qpgQofTXsRhUrcUemUJ-3UXucftIIK8R4oHzKvHc7KvSFo2oHn88trnX8isONvJryl-DW7rTx4LMveJby5LqV3Bql-HmQLpd9y99Gdb7XuCex-miXV8x97oFtuXPFv9Zc8n1yPIzpoiI4RnTPyC6Z-8MCBd-dQnisvF7aI7MPy_XeT86UIvrIxmSaIL3AHm-EGfNLHeFZkx4P0rTFnZnxsz75tAO0_NwV41F5ZyoO5K6cwkEf_D25xlF7US9pdyNg5vXLaV49tIF-GbUe06D3fO1hcbecYw5MumfLl_OQb8i7GAzEUyWSujCy57o0GoP2KnsPB3wr4D5hjQhPcTG1aFRKPnV0Y7vdD9N421NyZXY__tlgudT08oQut6xD9cJFp4ChqoRU_tIha_g8z1-xSvWqepSLItSwhqRp_a8Df8zhGjRQH9bkjuUy-ot3HSScvBr3s60RL--WjzNO-j8BU8_r5-aVpC6fWzWCj_FEy_XLtePm-NVFFqoQKU9heWLXoJQiyqs02FrCtzf7DrEOSEh9ewBmMEEuug-sWiHH0g8LZWrVnUUWB-44O0aQ-0lhOC6iSlPXtPkmOQY3lXQ8Ys7HJ7syl-lOnjZg-fhDmXClwYQpRJJkrhqkHWlqCZK9eonYKHM-HMUZDKtCpUj0RF9cYXLImaUioLcitorK0KOWgOS21puKzTW6iozBxtIIgNP5ILEIaiOOuldciWI-KgKzPjbC0NtKnBbho-lqN4o2SA0kzWRzV_pIOoRJZpEIex92TN7mOWwCQM4W9Msyyp7oOHxZ6q06ew9Eoirt7uhtge0_Q5R533Uc1Qgcht1SVQPsHQ74xI003CWLMIbV0UJOD3oXJGG8FPHoong7I0eZdbNKQ4fkk5wqauAskQlgTGXjd2HsK5zYRoW2VugXrfPvqlwn1H-fNaC_oRAQUWUZQ16rM5TeqcpR6Qszn5rA-Ai13ZFObMBf0m5r8yxFTQMA2YYgq3y4M0VUWQO5Ghgn2eh-W9z3t751VTkvdNYTrTK0J3oKfwZlL1VK2s3mcDD7IzOiLGFuEkAUHQI2n2trYBmjH_FyZh77d33ZZSsw
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D87C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://stud.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
36590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D87C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://stud.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
371547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 19:42:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame B2B6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;sz=300x600;u_sd=1;dc_adk=2913917844;ord=2crxtf;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fstud.com.ua%2F$0;xdt=1;crlt=KaOTY3hYqv;stc=1;chaa=1;sttr=101;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 00:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
8092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 00:39:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B2B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVxA-vnIhH06pMUGN-U39qwM1HyL4ctVdW846IuFvYz046e3AyxkmfJK4f7C-kLLFMpQ7ZXW3AS038EvuVPhhh0FuD4_iUzrTfNjGJpx5lKmg40cvEXDSDE7EaVkNL4NDAac3X1GLahSt-kTQcB_G8C014hg&sai=AMfl-YQSJwCj3Fo5LUPhQjbKJ_R3h4vaQpj0s66G38gf9Ae5uzAQP3WAi-kjXt_yRCARsWEm4vnzyJ4nUz6n6hYTWB2i-rxRGIhc8VnQUPIQ&sig=Cg0ArKJSzLTemaqlqJm-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221129.80455&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;sz=300x600;u_sd=1;dc_adk=2913917844;ord=2crxtf;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fstud.com.ua%2F$0;xdt=1;crlt=KaOTY3hYqv;stc=1;chaa=1;sttr=101;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:42 GMT
13749058673586137604
s0.2mdn.net/simgad/ Frame B2B6 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13749058673586137604
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde2fbffac90405f2e77ee244bede51b9ccbc906bfa38b213444b2c1bf1f1a5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 04:09:48 GMT
x-content-type-options
nosniff
age
427494
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56409
x-xss-protection
0
last-modified
Thu, 26 May 2022 20:28:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Dec 2023 04:09:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 105C 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjLOt8a6OY_rkDOS7x_AP6s-1gAUAAAAAOAHgBAI&bg=!09Cl0JTNAAa7eOFIm3g7ACkAdvg8Wu44wJdUVnwIP5avxBEYtUsQQ1kovuVvr1PN1wd_fJ5JL21xVwIAAAEwUgAAAAJoAQeZAutrY6Zhrk7ZqFVl9NGmD73wDUqt-g2iTikM19LLIzUzVNd_z1cjV9O2ozoKsaRamgI8wbSwtcVoO2Gkp1foyvdIXtjnyEDFKIM1dKaqd59Tc71KWPcCpaubjcNxpWtaJBoaujRQKduapU6aR14ylb8PmOFfFF5FaCC6xq99AIxTckAeHZA9cJbv9nc31MyyI8e-giua2jc7lZeT68e7k0v_cnDkZ9PsSQJveLO9sMNMbitmhY5F_B1Gbq4wa6T6r-7Uqb5eBRl12CaR0mhCO2A3l-swjPvWK6URTkNykKTNYNtkhNkfxmz9RK2RAy_kIoIkZAkshgh5rahIfAFeeUsvZUsorN7cmf-HYIta6xtX3RThKCOcOwGiL5vQq-DrI1f5OuWDmw8P5CugTnlfFBjHT0aq38r6wkldobK_tc-uadgz0Y_ptfTi3VVkAH_OIndaszphLhRoXyhG2hTlORVrNWXyUo93iWNB5JQC-XuGuF08XQIt6d7pcZk8JYe5YVaBMp1UbXSeNLnz_FYxKm2aR5GcLOX9zbW0BKozDim482eqiqotHDJ8oFtqI5fL5aGFHjOxNeoR-uFc3dqIz7wX5BfmrI84oaFLtBWc_ZLEk09sL66nZjqpi4X1I9WZJn-JeJ28iCH5mIunLXrNFK33qx1JaWF7DGfn1cdLaqxGq1GAkJXlnk_gHb1WGb8RHYsI7wtahc00o4Gx0t_QSsu46WvWcU7k2NvD33qoCxxfvgZrOi2JsrFitQNfxWgnwkJ_Rm4Lsf9ShVU3Sm3rhE2NXM1UQqzoWTkXab799Z8IjnD0roJES4dv75y6biuRaTr8n79JOoVRQwdyXbVH2lwboVhp3hCZwdmMX5fwokOardEAO7z3odaGikSLv21B4qg-hNrvhs5kCyhc1HFeZLh8QidWgkR53qukw7rrKYzS-Uo1JyvyR3t54A3FUtTsdAYdzUxPmN0RT1cOTvEVZTMqi_vQeS7KChfeGSw
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 57D0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
40918
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 15:32:44 GMT
expires
Tue, 05 Dec 2023 15:32:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 92F9 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
58236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 10:44:06 GMT
etag
48472445140208031
expires
Tue, 06 Dec 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
13749058673586137604
s0.2mdn.net/simgad/ Frame A2BC 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13749058673586137604
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=764689869;ord=vadtq3;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fstud.com.ua%2F$0;xdt=1;crlt=KaOTY3hYqv;stc=1;chaa=1;sttr=104;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde2fbffac90405f2e77ee244bede51b9ccbc906bfa38b213444b2c1bf1f1a5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 04:09:48 GMT
x-content-type-options
nosniff
age
427494
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56409
x-xss-protection
0
last-modified
Thu, 26 May 2022 20:28:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Dec 2023 04:09:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame A2BC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=764689869;ord=vadtq3;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fstud.com.ua%2F$0;xdt=1;crlt=KaOTY3hYqv;stc=1;chaa=1;sttr=104;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 00:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
8092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 00:39:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A2BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvbX-XYPBNWVMpHARVr-BSk3gcscqhWZtibhQ1V7dgXFGterrQW-_Rtk1GXwBkOEP1Xf70_-zoYAwh92-s0zpCDsQOR1Q1j9IiydzqRY-cH3t5mkRCaWdyrMaaBMRuwrGVRq95fInVllakFByfKyfiUjXeKMw&sai=AMfl-YTx1TWo48tYQCguTYBSnCfi-HbQUaJRRzqd9j7mZWHyf0r6hO68CQOfbO6xc8bEE2AqQcNQ58eijyG-nLdSa84NSWDwIVh_BomHPi-7&sig=Cg0ArKJSzJDVsvOYWPGGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221129.06561&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=764689869;ord=vadtq3;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fstud.com.ua%2F$0;xdt=1;crlt=KaOTY3hYqv;stc=1;chaa=1;sttr=104;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:42 GMT
truncated
/ Frame B2B6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2d08aac391f788887624299c7ff4680cd39d151001f8de376b3b651c92ea63d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EDA5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
40918
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 15:32:44 GMT
expires
Tue, 05 Dec 2023 15:32:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 87B7 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
58236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 10:44:06 GMT
etag
48472445140208031
expires
Tue, 06 Dec 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B2B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVxA-vnIhH06pMUGN-U39qwM1HyL4ctVdW846IuFvYz046e3AyxkmfJK4f7C-kLLFMpQ7ZXW3AS038EvuVPhhh0FuD4_iUzrTfNjGJpx5lKmg40cvEXDSDE7EaVkNL4NDAac3X1GLahSt-kTQcB_G8C014hg&sai=AMfl-YQSJwCj3Fo5LUPhQjbKJ_R3h4vaQpj0s66G38gf9Ae5uzAQP3WAi-kjXt_yRCARsWEm4vnzyJ4nUz6n6hYTWB2i-rxRGIhc8VnQUPIQ&sig=Cg0ArKJSzLTemaqlqJm-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=155&vt=11&dtpt=154&dett=2&cstd=0&cisv=r20221129.80455&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;sz=300x600;u_sd=1;dc_adk=2913917844;ord=2crxtf;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fstud.com.ua%2F$0;xdt=1;crlt=KaOTY3hYqv;stc=1;chaa=1;sttr=101;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:42 GMT
truncated
/ Frame A2BC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d06b371bf85ce6c3f059932191b13fa2f86f266c34a1d16e9c10bc1ccf5c785f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 46E7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1196176&asId=c6e7fad8-0970-8bab-d694-3824a72b30f5&tv=%7Bc:vYU9Uk,pingTime:-10,time:755,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1670295282407%7C%7Ca6a5ccd86400f95364b89da9e5f555eb%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cfdd0c8893cd4fbdaedb09956e51cc571%7C%7C4cd842a78674dbb1c505465cb3be0670%7C%7Cc9d41a771f26c1554f1a3ffe482942c8%7C%7Ce0b8fccebebbeaf69420ef1e3dc08b85%7C%7C896e07885741e13cdf89d8fc4f731c72%7C%7C1663701684%7D
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:a19c:ee18:a235:a64b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C5F 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BepbC8a6OY9uMEpy4x_AP_5OKGAAAAAA4AeAEAg&bg=!e3ileDzNAAa7eOFIm3g7ACkAdvg8WpvTRfnF9eKol6BO4Z4-8cQE39BzAdpQOtz4EzPVoZWM73-_YwIAAAFgUgAAAANoAQeZAvNM1tHqjaYCOIGn5Hi6L7eSWQ9VIx1fcj3kSsQQd_4ARu3vcB9YyunUIFXr6V9C2LIM4RGJs5QgPfh-VbNfVICo6SONTjrN_q2VHR63QQ_V7E7Z_R4eHIwSWFrPNHm0hp-2uKJkTSxuhAv7_rO1t4KAftdlf9RBS1LH29jiIsEn-MQoNwmVEAOIPSPtc94Uv34cTlzvAWLHBLoNS95Oz-edPMFnMzfIgvPq8d7VPJbV49fIPgmQfvuqaFPbDB8_j08mBWiN3UP4DOzZxivAoBJ2fRJDhwno7QsaCe1k8RnxUNa21QamZRH8brf-aldHbhKaI6riv0ItY7u_5i2Lap6cM0iMHjQBvD7oWz6GPsoLCVtEu4GMhtF9P2w4pTfRo9tj4ecYxDrUu82YFT1Sd5icfV41vyUyCFVoSbNURX1bZVrANftLEvfZ1qlMX50RBQntsRZYtIx9WS53J_SU_pgOtbOhwM5yTJRq_4o5ULltckT3-5UjrcJ_sBh3TIwEWUvmr0DVcykvWPlC-5VCDULj3iAICMkBycSPFBYaSU4tSfTeR3Kvb6AAl3urPfR-Ts-LJgpJrUx4lDqFdPmJARdT_Tk3Me7OSC3cSVS3e73G9neoBZ9x5J-CzQx0OywML6oO-1diPdqq9LrOwWFMj_NwtAVpwxjL-opQvnOg0Bx37xJU9AhcABkPScCGx8aw167TJcHILTscFEn1bg-YO9LENhTsz-L8yD2qCM9Rk7Qb2IreiQICglhxagP__wPO9a6kktVezhqh352yqYGzVjyk93Bf_dAE6RPDzg6RLOGfXkNSaalgAnzfz0cfVOsno1MCR_wxmdTteximCTma8xyDUn62GJZUmAECHb32T20yD6GsUuUdq6oEhev8_B8JtC1kOAWVvLmngRaslAWDwUcf_D637vjKodb2QJzVVF6I0Dsa9GWf4dJVYCMteKfDjwfQiKm-NhKtbaPCKGutRgWbSa2Hl1Oi1tBLwgBlSZyrRQpTyg
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A2BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvbX-XYPBNWVMpHARVr-BSk3gcscqhWZtibhQ1V7dgXFGterrQW-_Rtk1GXwBkOEP1Xf70_-zoYAwh92-s0zpCDsQOR1Q1j9IiydzqRY-cH3t5mkRCaWdyrMaaBMRuwrGVRq95fInVllakFByfKyfiUjXeKMw&sai=AMfl-YTx1TWo48tYQCguTYBSnCfi-HbQUaJRRzqd9j7mZWHyf0r6hO68CQOfbO6xc8bEE2AqQcNQ58eijyG-nLdSa84NSWDwIVh_BomHPi-7&sig=Cg0ArKJSzJDVsvOYWPGGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=174&vt=11&dtpt=173&dett=2&cstd=0&cisv=r20221129.06561&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=764689869;ord=vadtq3;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fstud.com.ua%2F$0;xdt=1;crlt=KaOTY3hYqv;stc=1;chaa=1;sttr=104;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8C17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssseCESQww3WCi_Cv7JgIXmJOfo89I9-cZjQTbcbhsurPa14C62mBBS2w7jbhZXyqN2xqhHKf4OHS2jP5z-VEFfyuNaEXYn8_FuzcDHWEv7cf968YKcbYDlyDMm7cw-h06sT3bdvgSyfQR124DRA-jpZL8B6wFGrSdo8z7U57DXzDeFqlBIy3m2L-ZDzmsoos0m6W_lq3uvqTtvsMaakUvw8FOxVMYEUEyNYXS2oARrR_yWmV9pOlt2zSDMbgdKpqVYUzrKP2f157lkluC-D11_KC_qJfJSWeJtsUWF8VAcZZv7QDsPEFk8oNaxrjgrdC_I2Ai_LQ-3kUEeFWYfDPxTZ5mGusrt38QWNLPFZ-xUWLns8dtmcG4vF0yqygN2eniZhJM1IacOfnrZR3Az7uCoktAOO9cyaLUP0mtwtVxtMI9rakq7A15gDNPxEpgd1Ve7HtAc2DrYjZWn5AiDolxUeqBbAdfSgX2VAn6ShqAwODgLO6O95OWudgrfkF5Vto-0jtclkZWFNBB5IuRnYrUxVJz9fA5SoGjU9PfpWPxKRGU5JReW3DW-NJcvVEL0j9FZgXhC86A9MzhzihW3xgcuUmn-SWXn_LDYicLAf6G2keYuvgiqnNtrWie8BqSpVCsKuzkyw8qgGH9KznTQz9lwSy_kPgU-cO5fj_xKgGMCwb7ad3Ukp-leq6L0UqHlekJNhjmp-Dmdr2DPrsPaJxvP8jIsYe-hKIb0tA6u4-vVdF4TwkRF7peGSDsoG-LZD2jiSTRW0MunK63BwGV1BYQEWixUs8umag31R7QUmTHeodMGaKRNVbPLtuGuJT5RXslycfrS_ZAMeQRXOonAjcUqQGFzXA2-iLgCLDRef-Oovy7ssFTEdMU61unA7i_KgHlXql5TP1CNb6gv0GuGJ43kkT5DLHk_Yw3Q1SgzuCPE3C8MT_-x_5ycxzShpl-czlRpwRCNqlLQchyKKI_xuwDjHSeqVdoRYKCpTnPwbet_0L4gK-zmWKOZIixzdEzF7V0Ciew2_aLRVE-jaruPLNldXnKOqMfpLT1OvfEGJliv53knGzmY0FakSBFwegquyzSRNEQlCIoMInvquoRx4osNCNm2L4lxcAwwl5CvVZcGsfTnGtBSzI50jMp1SfNVl76prlvw0W4iZdR0hB3nmt1gcv9IS1csv0EKOfqOybtiTqRk3J3dEsBuK6nnJUg54kgN1PZRLtU&sai=AMfl-YTByf2tpjtVH_rsA0UYCX9uSAiYhgvP3FRmR38hNS9MRpF3wsd5RPyOh-x95gXvRRvN5blLZxmBw5lGxv-9fGEmkVM2-HpkmfjxmKaRsSahBdGwc3vknzB1PDTfs8W9aPy6M4grVAyH_FNsi6DTLIQqe7gQhw6Iynd65jxEvxmhm7_KrQuLblEDzm1bb-2O6_r8N_fAmLrlM5MGf8Fvv0bqNgUYPvq7tHGtfvRb70L0h9aGK_eW1t5FsvN715n1nO0-mrwHcr4_Pbwmgj_ly5B6wzcNKKuuPg&sig=Cg0ArKJSzJOT62Mj1U8_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1111&vt=11&dtpt=903&dett=3&cstd=204&cisv=r20221129.11753&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: stud.com.ua
URL: https://stud.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 02:54:42 GMT
dpixel
cms.quantserve.com/ Frame 92F9 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC94tgexSdE13nREyBojprc&google_cver=1&google_push=ASkJ3FbqRjXomAAul24iWCTcG4IiKjlVFvwAuil3ekMSyb87MArqW2kOLdQLDRO8QEr0zrhuOWmidjB_Um2M8nYXI_2gj5wyCi6J
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 92F9
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEROfYUe19MM4OOHN1Y2iiA&google_cver=1&google_push=ASkJ3FYBERT_ujdROV_QcEz7X61T1lRvr7OKMic7qe2BqXb7SGRozP_2Z-p6_GOIqiRJU_PdqJpX46sfmXkFRrsSlK-m_82O1f43sw
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYBERT_ujdROV_QcEz7X61T1lRvr7OKMic7qe2BqXb7SGRozP_2Z-p6_GOIqiRJU_PdqJpX46sfmXkFRrsSlK-m_82O1f43sw&google_hm=Q0FFU0VFUk9mWVVlMTl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYBERT_ujdROV_QcEz7X61T1lRvr7OKMic7qe2BqXb7SGRozP_2Z-p6_GOIqiRJU_PdqJpX46sfmXkFRrsSlK-m_82O1f43sw&google_hm=Q0FFU0VFUk9mWVVlMTlNTTRPT0hOMVkyaWlB
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:41 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYBERT_ujdROV_QcEz7X61T1lRvr7OKMic7qe2BqXb7SGRozP_2Z-p6_GOIqiRJU_PdqJpX46sfmXkFRrsSlK-m_82O1f43sw&google_hm=Q0FFU0VFUk9mWVVlMTlNTTRPT0hOMVkyaWlB
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 92F9 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJevRadti007n14VAbOw32U&google_cver=1&google_push=ASkJ3FbpbTZHyoEZvVaNJORvCvi-v3kykeppdatXp1y8hNfU8pkZZkGGUq3LQKWDoOc9EmBO_xxk08ez5K-7tf8PxVWC0ZDKIKunGA
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
g05qdrr5htfdl7vmnfh5bc7pg195gmu3
pixel
cm.g.doubleclick.net/ Frame 92F9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZhE6BEPB1Hd--oUGdd3oqsxPGeh-0e1rrMPX7B9BcO9BrjHCo6JvqYV3lMBE_2b7RseWzYBkeQ7-YZGKQD2k5ez1STpMMOww
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZhE6BEPB1Hd--oUGdd3oqsxPGeh-0e1rrMPX7B9BcO9BrjHCo6JvqYV3lMBE_2b7RseWzYBkeQ7-YZGKQD2k5ez1STpMMOww
date
Tue, 06 Dec 2022 02:54:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 92F9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsI7_PHO3jsSyiw4uWryZ0&google_cver=1&google_push=ASkJ3Fb-oijBaDAvZJLT1T2Dhj0SGEb5EAiiu14NP0jc5DxMacc7l5eBLp-5CcWskJrhRMci9R5...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9PREMtMUQtTE9QMw==&google_push=ASkJ3Fb-oijBaDAvZJLT1T2Dhj0SGEb5EAiiu14NP0jc5DxMacc7l5eBLp-5CcWskJrhRMci9R5ZhWO20Q-Mf4HjHC_9CQ6MXasCjw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9PREMtMUQtTE9QMw==&google_push=ASkJ3Fb-oijBaDAvZJLT1T2Dhj0SGEb5EAiiu14NP0jc5DxMacc7l5eBLp-5CcWskJrhRMci9R5ZhWO20Q-Mf4HjHC_9CQ6MXasCjw
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9PREMtMUQtTE9QMw==&google_push=ASkJ3Fb-oijBaDAvZJLT1T2Dhj0SGEb5EAiiu14NP0jc5DxMacc7l5eBLp-5CcWskJrhRMci9R5ZhWO20Q-Mf4HjHC_9CQ6MXasCjw
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 92F9
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEG_Pb0TshKK3-gaM1YbOmTo&google_cver=1&google_push=ASkJ3FY70yKh1uU1kK1RH6aywF7il-B3KdD7XOrpfjYucmhfNqePJs_vdR_1ixnfhlnAfPep1yGa9o3nUUSAF_jNLw2u-mI...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FY70yKh1uU1kK1RH6aywF7il-B3KdD7XOrpfjYucmhfNqePJs_vdR_1ixnfhlnAfPep1yGa9o3nUUSAF_jNLw2u-mIr8Lk_Eg&google_hm=m24uzQTZSYm3Nw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FY70yKh1uU1kK1RH6aywF7il-B3KdD7XOrpfjYucmhfNqePJs_vdR_1ixnfhlnAfPep1yGa9o3nUUSAF_jNLw2u-mIr8Lk_Eg&google_hm=m24uzQTZSYm3Nw6BmM5UIg
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FY70yKh1uU1kK1RH6aywF7il-B3KdD7XOrpfjYucmhfNqePJs_vdR_1ixnfhlnAfPep1yGa9o3nUUSAF_jNLw2u-mIr8Lk_Eg&google_hm=m24uzQTZSYm3Nw6BmM5UIg
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
cache-control
no-cache
content-length
0
request-time
1
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame 92F9 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 92F9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6CgiTykdMpMaoV5WIfSUMl1CQUSY0qKg4LgDzH0lMs9wd5B1AhHPBRHGsiAtNPc-hsv9nfQ
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame 57D0 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 07:04:19 GMT
pixel
cm.g.doubleclick.net/ Frame 87B7
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC94tgexSdE13nREyBojprc&google_cver=1&google_push=ASkJ3FZKnCdFPkAQM8zfvMgiYFJov-u-IX-CGswS_k6jllzxMQivcfvVAy...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZKnCdFPkAQM8zfvMgiYFJov-u-IX-CGswS_k6jllzxMQivcfvVAya5p9rQ5ecNJUzcgCLP-KqAh6KJVGKGE2VP55volQ&google_hm=wRYBrpFw4EHqF0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZKnCdFPkAQM8zfvMgiYFJov-u-IX-CGswS_k6jllzxMQivcfvVAya5p9rQ5ecNJUzcgCLP-KqAh6KJVGKGE2VP55volQ&google_hm=wRYBrpFw4EHqF0DjsZKweQ
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZKnCdFPkAQM8zfvMgiYFJov-u-IX-CGswS_k6jllzxMQivcfvVAya5p9rQ5ecNJUzcgCLP-KqAh6KJVGKGE2VP55volQ&google_hm=wRYBrpFw4EHqF0DjsZKweQ
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 87B7
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEROfYUe19MM4OOHN1Y2iiA&google_cver=1&google_push=ASkJ3Fa0Ujyew4dgn4JBUr6Y_c-UF0omCzE1OBwCa5m_CAvgeX289T5lnZTjz0JHcegmniGxzx3GrAcUnRA5ezlBhBm2yXVCA34
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fa0Ujyew4dgn4JBUr6Y_c-UF0omCzE1OBwCa5m_CAvgeX289T5lnZTjz0JHcegmniGxzx3GrAcUnRA5ezlBhBm2yXVCA34&google_hm=Q0FFU0VFUk9mWVVlMTlNTT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fa0Ujyew4dgn4JBUr6Y_c-UF0omCzE1OBwCa5m_CAvgeX289T5lnZTjz0JHcegmniGxzx3GrAcUnRA5ezlBhBm2yXVCA34&google_hm=Q0FFU0VFUk9mWVVlMTlNTTRPT0hOMVkyaWlB
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:42 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fa0Ujyew4dgn4JBUr6Y_c-UF0omCzE1OBwCa5m_CAvgeX289T5lnZTjz0JHcegmniGxzx3GrAcUnRA5ezlBhBm2yXVCA34&google_hm=Q0FFU0VFUk9mWVVlMTlNTTRPT0hOMVkyaWlB
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 87B7 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJevRadti007n14VAbOw32U&google_cver=1&google_push=ASkJ3FbmY1fdSgWKG7S-lkWt6xca4oqbjXmwjj6kQyb-UZCV5cFTqYmY003qVDSplrmQek_CcGIpV_Nf77dKA8_nWrK8inF9jDw
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:41 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
dposv75a50ui85stebvb4rhr210e1dkl
pixel
cm.g.doubleclick.net/ Frame 87B7
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbJwpIRkT0cTC9wIuMgKukIYuoGR3S6Imv1-J0BjedGm2Ax-KjGoSZ3Lb73fmk_WkYnKXmMrW9WMlodwzz8DBwvlLq1Brw
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbJwpIRkT0cTC9wIuMgKukIYuoGR3S6Imv1-J0BjedGm2Ax-KjGoSZ3Lb73fmk_WkYnKXmMrW9WMlodwzz8DBwvlLq1Brw
date
Tue, 06 Dec 2022 02:54:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 87B7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsI7_PHO3jsSyiw4uWryZ0&google_cver=1&google_push=ASkJ3FbW35ztgiuF1EKWyHKHa2bOETCTebyUApEwmlL1CliisUTMZq9V2-4p_JnO4LIi_vw3Yyf...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9PRjMtMVQtNTVaSA==&google_push=ASkJ3FbW35ztgiuF1EKWyHKHa2bOETCTebyUApEwmlL1CliisUTMZq9V2-4p_JnO4LIi_vw3Yyfdi2eLaP82puLoODo_g13-DO4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9PRjMtMVQtNTVaSA==&google_push=ASkJ3FbW35ztgiuF1EKWyHKHa2bOETCTebyUApEwmlL1CliisUTMZq9V2-4p_JnO4LIi_vw3Yyfdi2eLaP82puLoODo_g13-DO4
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCTU9PRjMtMVQtNTVaSA==&google_push=ASkJ3FbW35ztgiuF1EKWyHKHa2bOETCTebyUApEwmlL1CliisUTMZq9V2-4p_JnO4LIi_vw3Yyfdi2eLaP82puLoODo_g13-DO4
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 87B7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FaDQ1bfYN-2JNunI7dKyTUfDpBG7M7Sr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FaDQ1bfYN-2JNunI7dKyTUfDpBG7M7SrgssC0eR9H9GyKIyT44-bo4wyYoCs0qADfboLF1NCJfQk4s0AgSB4jcAK4KJeHg
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkY2ogcupQ4A6MF15BNKTzT5EWb7871UGX52NfcVYOwp3E8q8YAc1hvyz3wxja0BmGl2W%2B0kORuyXjHmVXNeb9ZjKkPcjIKG5RJkaSgKG9r11FyYG0SNe4zSoMicy3mXnFcVhIxiRz1z1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFtf35LePhV45yL986F0Oec&google_hm=Y46u8C0VMBR4MKxhzh7qkwAABIQAAAIB&google_nid=index&google_push=ASkJ3FaDQ1bfYN-2JNunI7dKyTUfDpBG7M7SrgssC0eR9H9GyKIyT44-bo4wyYoCs0qADfboLF1NCJfQk4s0AgSB4jcAK4KJeHg
cache-control
no-cache
cf-ray
7751bd0c498d4057-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 87B7 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 87B7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTI7eusPTZ9rmAUZWBn1-FRsUpzjT1PqoiGbzXAsPO-a_XOg2-mmBygc_myHEplMlDhkBK6Q
Requested by
Host: 1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
URL: https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame EDA5 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 07:04:19 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8C17 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmZnFGxnPF8dJNWg5Wtv0SYMTrEIWJIzWcciCfqvaaWb1EYwCKzx69hFOjVWpMNwoWXoljCfNuwz6S2AdtROqNOd-kNFiJpJS9xt7yovjNUb9HYlVmQRCG7Y_g9Ff2WKj2bEut2w&sai=AMfl-YR_RSSWb5IsoBj0lN2ADxhVKw1aTBFSVHf0WQMng6a76vKpP-m8jNcmpOYuMf_gTETd0490VsJBlDKtsiWYP0JVpljvelK82lgGdC9twkytUGXizoyWA_8Y7socig&sig=Cg0ArKJSzM8rTasF_SW8EAE&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&id=lidar2&mcvt=1012&p=592,1260,842,1560&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3365877365&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670295280903&rpt=620&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 88F2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hGHv3w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8629 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuul0wlW5cU4Q1v1F8iB1cQClZVAIijVayIaUlYFQ0_PNnv2EVaRwGfGSjzC_RVNG7pdejaH4xkVJRYdeAkQVUvpgktBFjemv6KHl7lWq6R6wVFLx2f&sig=Cg0ArKJSzAtD9L6DilX9EAE&id=lidar2&mcvt=1018&p=10,315,100,1285&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20221205&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2356313963&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670295280872&rpt=732&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 46E7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1196176&asId=c6e7fad8-0970-8bab-d694-3824a72b30f5&tv=%7Bc:vYUa0O,time:1157,type:e,im:%7Bpci:%7Btdr:1044%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1157,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1151~0%5D,as:%5B1151~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:246,fm:tpcwMuh+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C18%7C19%7C1a*.1196176-66167959%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e111%7C1e12%7C1f,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:23,sis:315%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:a19c:ee18:a235:a64b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 57D0 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNemU8q6OY_vMBcmg9u8Pz9iViAMAAAAAOAHgBAI&bg=!NjWlNXHNAAa7eOFIm3g7ACkAdvg8WiJSgVPAzfSDB2-91JUG_TUF-dZ4pfAQ5Y1a1VcooQX6c3N4gQIAAAC_UgAAAAJoAQeZAuuOTehsRpNpFrEMMOChsEnTfezRK-PDA1SzvmN2ta8-r9o-rArXPXocdW8vWcwKLAsqy0LDp5he2af_oaB5tGQG45y9KUkZjevPzJu9O0pCRcHmhC-yflB4_e0roHTHWSuyJGD5AFpmqzCqXKFZ63HgN1T4M57TynkIrG7BzUcrjKQGqBmDv173GllXliqcbTJGw2-HiXmtCRty72HYnkKvqWOy_wpFaunjDV2PeVnRbJAnyQuNzefZ346JJBQ3D-v7UVFasKxkZRsX3d8qV9skDdbQriPoeLtDdaWcu90tjmTDdrzyrfshwH9wDxfqidarpES2ahd1ZWz7QFdEznGsw4OndezgV55XpUSdkTF2zl58pCh1ZQXM_B5jvJQjVjyUAigEM-1e-nZQAPGqC5N0Q158vU8sw8fUHi5BCpawh5A3doQaYX-9nk2hFkRtnQnhqiAdO2VDDXhpJG6qON-QyI3_cLPCGJgiDmYvEx2hYU8E1dBrQVsBWagdJd9_A8QPbqMnQf9smy0hOmh5KhDpFuhtKNYQ_kumBrRoFTgp0KjOFtz2nz_JHiqg0dHQs9PqefxCrN1-xQWhtzLBBpd3P0j59wlFHcgogkioo-9DL9hIQ9m9Xy6z8pATlazjRduO008eUf9Mf0rfyEXCNsxm6Xy3e5uqYmJuYzM4MaQ80l_l_0Ls1VM9qmue3t-0f-NGtsc6xW_eET3L2Am5wGVsdRbSEjrAmO88yCx-8fl9Vs5bcS_vFzFw2DTx2Z5Lxttf-nbREoyLwxaTDYZaxtwAL5yLkkjcg1V86AIw0nuo5jxD5W-CouweUJSyspKTZqS6s65JnVqoAA6ntOA0GVKFK16MC0s1Xc5ZksFU3JygMesWLGpM6DK02Ic33JcSlZkjnrIam1TscsidxdadEmnZ-Y7ZLp9i3Z6eQX02H1RqrfcMvKupLSCrdd71JRsl0bUAQwoVBxIB4oQKbnV6JqzCEbsQDAfNdcZAsYk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EDA5 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaKMY8q6OY6DLBf-_9u8P4NuhuAIAAAAAOAHgBAI&bg=!ycqlyo7NAAa7eOFIm3g7ACkAdvg8WkuLtRfqbtq8POL9qmoAcwSfn92dkl3TsB_f0-SWOw6zyGiF0AIAAACMUgAAAANoAQcKALE_H33fZmAAd6HpL_PQjjRXlzyCiBG1kIGQxWgdfH41F3dobhHEH7a8bQojT3--r_le6ExnYchswlySQugS77IH77eK4RmF0yMj2M2TGaY5JtO6MiG_gNYJGmzjxJD41SJX8qVOBPqqFmZHdd5Y4zt3pws3EJ7U-ixWaPNy1_C8oVaHSrmQ5euWIRn-vigDp971k6nVZLiJHo2-xrYGBULSD-wp7VJ0BfyaII1-GXhP1oSZAt1K2lgF_fuKKspQWaT8aXGRmww3L_Wcd0iEdY2Y7y4RPYAyI_DRj5nzuu2EpD3qNNbJYZGn5xR0-pjh_GUuX9b1bpXPV7-3eU5vu24kWaCyQ3zIWFXlLkGnmM1E061K5Vxg176rSJ1_rY5nYuKdzUgXs6ICuSBAYxUsJpvxVKWeTqVMr64XdBgtHN5KV_NT4IgJWyCJ6b1bPRYDqbXx1gYTHIjsB4awo9JOh8gbs8RCCGQ26sRxGT4mYwwXRZ5OToqw1nCaHcVB4hzja5zf10_FHDrqzWSFsZznA3ZCmbcr1pQ2vKDgCLz3o82pbbf4cn1iSAyjnhNdB5at--CzinbrX1iUVQw2rzXGp1dFoe85mKJEBp2Of8L3R66ddEM4tSO0kLuDd3Zc5ymSxs8ryrzAiHpUxY7AsRisw-BvqTOHxjFwIqFv8SIEKHa_FCf_K1NtxQG2myRwuWj0vcanSLoDNLVkcl6njsn2WgkEF9I487MUrg0cE2HQTtm8oeHhgYVpEidtLtelMfHKMLHQFC2qlL_TfEdozVa-83H3RM3IvlZlMmE3V6SVCVWLL1DtBi2ltSiglCf0tPSoWK4ilFV4i8PgqlSDS0h_U8DliUlmopc1BoICR3SViTF3Npvw_OvaYN_-L5J_5SRgwWDCT7vmcIFoIU2gdmMHIpAnUY8R2iUAK570scRMkBvo28e2d09Pl3hSdG5Uqo7J7dpzaQR-F9CtC4dcw636aPkdAJPcMTmMEu8RrqPrORn6fKk0W_FOhV19Nc8aX_iHHK8jOj-5xvG7XlgHqU0O_fbJd56R_Z7h9eoziOY7cp8e0QWdGnVTtx9VGoGcwkl6UD3IZby10KecYlcvHaHx6e-DFkZcL-xjgGUOtYmZuPYfr0uQOEcsoavWi8L06xW40sI1cR6OVS1q4681Hnrb6of1QTLARi1k8SWqlD2-S5oi7s_O1VxRZ2kcZx66yTL3qkoK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2B6 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=8119915948126591309&x=1&ct=77&dl=2&ds=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C17 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=17034531157143050342&x=1&ct=76&dl=2&ds=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2BC 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=13838816206504473058&x=1&ct=77&dl=2&ds=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8629 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=1146154848671526&bg=!oqGloeXNAAa7eOFIm3g7ACkAdvg8WlFERi591Se79TERM45Wr6ixjltD5GGdPoavHfai7x5t6GTzvAIAAADsUgAAAAJoAQcKAGj2JLGC3yVCWSAqfB7jcXz2fkwrn6Dsi0EIQ0lVJZ0XpgfctJH7pBYFnSToJw96lhR2NBG9gpWVpNTgH47CE4wMdpPzqOWLQ5nbkVfvNb2JmvrpCcwluwyUuBPvf7v0hPZxkPhuQebbwpkCqOj-9KZDJGb0dvTt3xFK3h8fyaW0LFtpSIPf807v4xa_ck-hFQN19CiXr2a4i2FzwJW1d_5e1v4wpasGjEK8B7hwhZ_OUKD_LIKrUd_x0eAzU9rQcgtqJ8mQ6wN2amsygMoFJkTRQ081fp3BeuQIT8JgAE1FyLzA9bGlt0YQS2pofw7Bn5A2REwvmqxU-b-Fc-V-t9MV1Fb9r8sK1ivJo3vnXDNcUQDyaZUDt5U1rfI1UAyE3d9T8kxnin4DnfQNGrGQM3yY7sbVDNbr5NDYRMT6Nx5KoDKwrTsKHJNyuibdshcUgAhZlquBiAu-ceBQexuxLmUqBqiLFRK3uTJTuIEzsAwXQzCk3TDvEGEx9jvv-ObMrSmeku8nNO7Z-Tz_zdzn7bdfSSQYbB6BsCVw0vsHQI_kb5_TTkOgeH531bMokZ6YQ-rPWIGz8r28l5Gcp5aEb8ZolsWz0PgVdVuW8oMJprlLD-dE_BVai0s7Gw6wbI2okYtCO6cc1NnSfQ5eoWwFPXG4iyAX0PRaUl3jKrjC5YjzhfvcTlfqOEU-YK24jyKuckuGAKlLrkaCslFFwM1Pq3TtJhHOIbzDzdiBqOSMJ_5HgGz66baVDVsZhPoEmryHj3SrsHNKwwYzSO4fiRE8QV7PX9-r7DQeLI4WtLwaWpmSznyrRxVfeqykyoMcS0Ftix1i5MiTgb35DKERw1a4aEPfK2fpclINCdiWyzKCODxqldL9-Lku8-5y3i6EPzASpFNSmuK0tg5wmbY8-wW5VZqV4r3G8r0cRr5vK6wq7t05W80zAlUjsa3XjsxM2kSVpQ40Kt2EQVl4kv3y3y9BQeyCS0vyP0Rf4RMmaYqeOO9ogqixR2IwtgmAjx2Im_lrNVk0SAmmjDfT20GRdiDsKaHT5idf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fstud.com.ua%2F&domain=stud.com.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://stud.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://stud.com.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Dec 2022 02:54:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
459565
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fstud.com.ua%2F&domain=stud.com.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=JhzDRHw5aVRKZENXM1ltazZVNTF1TVhuNDhlQlJJL2ZaaG1ZWTFXYjFSdFhlTWV5Nnd6Z1REaytvMkhqTUdhWnV6bTBzMmIrUnU0cXVvWUNUMVJJUFdrN2tURUFJdktuc205bkt6VXZYWnkzOWx3TzdIc1pnVWJMczBQZH...
439 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=JhzDRHw5aVRKZENXM1ltazZVNTF1TVhuNDhlQlJJL2ZaaG1ZWTFXYjFSdFhlTWV5Nnd6Z1REaytvMkhqTUdhWnV6bTBzMmIrUnU0cXVvWUNUMVJJUFdrN2tURUFJdktuc205bkt6VXZYWnkzOWx3TzdIc1pnVWJMczBQZHY3d1RabnRrZWdFL3plaVlUdURtMEEyYjVJd0NrcE5UU1M0QnBaU204RWRZMnJsQmQyTnAwc0FzUnJmWTZxRVVIc3h0NFZRdnphUzJnVG9UMldVV3ZGTm55bDNwdHRRQzZaQURJVENVWGtIZU4welRyY0VlQ2tWcXdtZDdYSFVISzBTQVRZWTR0VG1Wd2lJVE5aaEZaaWc0Ri9DbjFsZz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0e567988cd0fea979b64fae222e67a87d5efc5f11726e3c03a46028c0d7c0209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1637294
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=JhzDRHw5aVRKZENXM1ltazZVNTF1TVhuNDhlQlJJL2ZaaG1ZWTFXYjFSdFhlTWV5Nnd6Z1REaytvMkhqTUdhWnV6bTBzMmIrUnU0cXVvWUNUMVJJUFdrN2tURUFJdktuc205bkt6VXZYWnkzOWx3TzdIc1pnVWJMczBQZHY3d1RabnRrZWdFL3plaVlUdURtMEEyYjVJd0NrcE5UU1M0QnBaU204RWRZMnJsQmQyTnAwc0FzUnJmWTZxRVVIc3h0NFZRdnphUzJnVG9UMldVV3ZGTm55bDNwdHRRQzZaQURJVENVWGtIZU4welRyY0VlQ2tWcXdtZDdYSFVISzBTQVRZWTR0VG1Wd2lJVE5aaEZaaWc0Ri9DbjFsZz09fA&cppv=2
access-control-allow-origin
https://stud.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
626999
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://stud.com.ua
date
Tue, 06 Dec 2022 02:54:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
checksync.php
contextual.media.net/ Frame CA8B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
731328e77245a295711dcb1e13c2273a05c5805f6986e05dcf8ce5f960b5fa34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8184
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 02:54:43 GMT
expires
Thu, 08 Dec 2022 02:54:43 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F91F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=78618
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 02:54:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 07 Dec 2022 00:45:01 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A428 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670295279362&gdpr=0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 063E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 06 Dec 2022 02:54:43 GMT
ETag
"623de86a-cf34"
Expires
Wed, 07 Dec 2022 02:54:45 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 2623 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13459965
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 06 Dec 2022 02:54:43 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
sspmatch-iframe
ads.betweendigital.com/ Frame E6C3 		604 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
5ef7c96110916b90a2b9ce6bb03dcfc808b9e00d5914ce6b6f77b8da341e3bc5

Request headers

Referer
https://stud.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
604
content-type
text/html
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2124036b-96da-4972-8392-e1ccef057a64
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2124036b-96da-4972-8392-e1ccef057a64
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:43 GMT
Server
Adtelligent
Etag
b32f63d83d400e12
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2124036b-96da-4972-8392-e1ccef057a64
date
Tue, 06 Dec 2022 02:54:43 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=e24d2f92-924e-453f-98a0-959f6481d6dc&ssp=themediagrid
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=59&user_id=e24d2f92-924e-453f-98a0-959f6481d6dc&ssp=themediagrid
Protocol
H2
Server
52.57.148.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-148-231.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
//x.bidswitch.net/sync?dsp_id=59&user_id=e24d2f92-924e-453f-98a0-959f6481d6dc&ssp=themediagrid
date
Tue, 06 Dec 2022 02:54:43 GMT
p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
125
content-type
text/html; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C17 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3184089579429&version=m202209210101&ct=76&x=1&cor=17034531157143050000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2B6 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1502340552170&version=m202209210101&ct=77&x=1&cor=8119915948126591000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A2BC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTWJA177Q0IVJyv4wX-g_8ht1RCvHYO8KDNTFo0CnvV7Z3MFbIy4bGUqJbp-c8y_6BIrbFn9pBo5RkVueJY2idb_ygvujk&sig=Cg0ArKJSzOjL60P9_ehWEAE&id=lidar2&mcvt=1020&p=0,0,600,300&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=764689869&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670295280897&rpt=1559&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A2BC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUaoGYCTnwORsQ8vk5zbpVXBMYTT1CjEYbUK8DNuDtv68A1Ykb7MQjz1YD3ph_yZFCmn0wca5ATWA-GqDQzrsZGzQ_7D3e5x3IxeHE9vsaCDXN_n2Nj6FC-gVt&sai=AMfl-YRW2m7P2D9_gQxbPLtFl5tgbwUf3MLjmQf5fUl7KY18EzcDqS3ZaFoD0HSFqqND4pFos8Mk9IfIUYoF5w4JjPXjk4Ma62Ewrs2CYWvLdVde_4gcE9CUK99VPbBX3w&sig=Cg0ArKJSzIqNXO3Dy1CREAE&cid=CAQSOwDq26N9jibO5ehhGIusvQyjjzgWseq_nUGLIwVlfy3K2Lsg8vvis-LqdCvml_KQKQoK1n8xc0d1DmRxGAEgEw&id=lidar2&mcvt=1021&p=204,10,808,310&mtos=0,1021,1021,1021,1021&tos=0,1021,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=871671332&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670295280897&rpt=1555&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2BC 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4777448458997&version=m202209210101&ct=77&x=1&cor=13838816206504473000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=JhzDRHw5aVRKZENXM1ltazZVNTF1TVhuNDhlQlJJL2ZaaG1ZWTFXYjFSdFhlTWV5Nnd6Z1REaytvMkhqTUdhWnV6bTBzMmIrUnU0cXVvWUNUMVJJUFdrN2tURUFJdktuc205bkt6VXZYWnkzOWx3TzdIc1pnVWJMczBQZHY3d1RabnRrZWdFL3plaVlUdURtMEEyYjVJd0NrcE5UU1M0QnBaU204RWRZMnJsQmQyTnAwc0FzUnJmWTZxRVVIc3h0NFZRdnphUzJnVG9UMldVV3ZGTm55bDNwdHRRQzZaQURJVENVWGtIZU4welRyY0VlQ2tWcXdtZDdYSFVISzBTQVRZWTR0VG1Wd2lJVE5aaEZaaWc0Ri9DbjFsZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Dec 2022 02:54:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
245840
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame D87C 		42 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbn4wqigReZ7Y011l4WdvqRNe5lt_fxunabB32pmTw9WcH786Tbqd-GZ4JdGej-XrjlvUDoNy12nGfz3ggLCPllqYKzPfck1LquOQG_TkREWw6Cev0JQXjuMEtxX-SoAjnvoI3sbMuLE8eD3xmJw7tWmS7IkzXUAKF&sai=AMfl-YS2EGQT6UEESWOVpyngcRSiXqVmk8RwUdhaEGHvHD3Zw8ds7p1bwS_JL5i3IZl5am8me8t7tEVjPTUw_D1SAPBWZVi8MUpTaK7hqd44yshMexgyHcF87I-Bwejhyg&sig=Cg0ArKJSzKuZAWSdJvpmEAE&cid=CAQSOwDq26N9phkXn8mGxesKqvY9vPlvhkTtAh9NlRHu-gSx16NR5RbWjtS7jGoeOM0JXpzj2wApz9ZIm0aBGAEgEw&id=ampim&o=315,10&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=505&tls=1505&g=100&h=100&tt=1505&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://stud.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F91F 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19910164&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3860d168e75ce56cc25f9acaba89e7e287212d81a268f9da4cb24135bc9fe92

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 02:54:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
5fdbb29426d091209c754c15871f46967600ca0da13ed2bd053b3e3009243054
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://stud.com.ua
date
Tue, 06 Dec 2022 02:54:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 063E 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:43 GMT
AN-X-Request-Uuid
b47c8dd0-2f69-47f0-ae7c-4bac1aa789ab
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame D7FE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=34641E03-25A3-4080-A5F4-70A9E0D23213&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=34641E03-25A3-4080-A5F4-70A9E0D23213&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=34641E03-25A3-4080-A5F4-70A9E0D23213&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 06 Dec 2022 02:54:43 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 06 Dec 2022 02:54:43 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=34641E03-25A3-4080-A5F4-70A9E0D23213&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 1F22
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f784638e-aef3-4600-9c8d-5bb85fd5326a&gdpr=0&gdpr_consent=
42 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f784638e-aef3-4600-9c8d-5bb85fd5326a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 06 Dec 2022 02:54:43 GMT
Expires
Tue, 06 Dec 2022 02:54:42 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x34 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f784638e-aef3-4600-9c8d-5bb85fd5326a&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame DDE8
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3069470619164504429
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3069470619164504429
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3069470619164504429
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 5947
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 02:54:43 GMT
expires
Tue, 06 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1678855
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame CC5B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=34641E03-25A3-4080-A5F4-70A9E0D23213&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=34641E03-25A3-4080-A5F4-70A9E0D23213&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=34641E03-25A3-4080-A5F4-70A9E0D23213&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Dec 2022 02:54:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GGETNVRGSMKT1KTZY4Z4

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Dec 2022 02:54:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=34641E03-25A3-4080-A5F4-70A9E0D23213&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XMD5KXQDZ0QSTEPBQQ53
Pug
simage2.pubmatic.com/AdServer/ Frame D9E7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4148347070498717920&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4148347070498717920&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
5a8ca272-7b68-414b-a87c-406e8465787d
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Dec 2022 02:54:43 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4148347070498717920&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 2052
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pCPU6vN1ir6_JtnqonLBv6ImiLy_KY3t8yJSiBnS
42 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pCPU6vN1ir6_JtnqonLBv6ImiLy_KY3t8yJSiBnS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 06 Dec 2022 02:54:43 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pCPU6vN1ir6_JtnqonLBv6ImiLy_KY3t8yJSiBnS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 9002
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7173863615164577945&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7173863615164577945&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 06 Dec 2022 02:54:43 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7173863615164577945&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame C60B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Lnsvs02sQr9_aCmhG0q13VLHgiU
42 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Lnsvs02sQr9_aCmhG0q13VLHgiU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Dec 2022 02:54:44 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Lnsvs02sQr9_aCmhG0q13VLHgiU
Pug
image2.pubmatic.com/AdServer/ Frame 9A03
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGbzNFN0hIVjRBQUNCXzUwN2FEdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFo3E7HHV4AACB_507aDw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1493625515242909286&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFo3E7HHV4AACB_507aDw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1493625515242909286%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1493625515242909286&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFo3E7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFo3E7HHV4AACB_507aDw&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFo3E7HHV4AACB_507aDw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 06 Dec 2022 02:54:44 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFo3E7HHV4AACB_507aDw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5B9E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y46u8wAB0VwtvQAZ&gdpr=0&gdpr_consent=&_test=Y46u8wAB0VwtvQAZ
1 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y46u8wAB0VwtvQAZ&gdpr=0&gdpr_consent=&_test=Y46u8wAB0VwtvQAZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 02:54:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 06 Dec 2022 02:54:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y46u8wAB0VwtvQAZ&gdpr=0&gdpr_consent=&_test=Y46u8wAB0VwtvQAZ
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4082-HHN
x-timer
S1670295284.978626,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame A35A
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 02:54:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 06 Dec 2022 02:54:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
_
i.match
s.tribalfusion.com/z/ Frame 9A2C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7751bd150b70dd64-LHR
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7751bd13caa7dd64-LHR
content-type
text/html
date
Tue, 06 Dec 2022 02:54:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1179
generic
match.adsrvr.org/track/cmf/ Frame F65A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1670295283846
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8149970042
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8149970042
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 06 Dec 2022 02:54:43 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 06 Dec 2022 02:54:43 GMT
etag
RXb4109c902a5d4f848304b24a7cbc6efc003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8149970042
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame 44E6 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Dec 2022 02:54:43 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-21c0c77d20fd@version_1.531
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame B390 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 06 Dec 2022 02:54:43 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
image2.pubmatic.com/AdServer/ Frame CE3B
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=52683925db9d8585d459b5aa465ac74c&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYTjVjbUMMXhXagSn
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYTjVjbUMMXhXagSn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYTjVjbUMMXhXagSn
bridge
cm.adgrx.com/ Frame 0A5C 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 06 Dec 2022 02:54:43 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-2
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F91F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NGQeAyWjQICl9HCp4NIyEw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:43 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=78618
accept-ranges
bytes
content-length
5549
expires
Wed, 07 Dec 2022 00:45:01 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame F91F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32e3638e-aef3-4b00-9afb-aa1302b0cb31
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32e3638e-aef3-4b00-9afb-aa1302b0cb31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 06 Dec 2022 02:54:43 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32e3638e-aef3-4b00-9afb-aa1302b0cb31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Dec 2022 02:54:42 GMT
generic
match.adsrvr.org/track/cmf/ Frame F91F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=34641E03-25A3-4080-A5F4-70A9E0D23213&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=37c5c16ff2b20a8e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=37c5c16ff2b20a8e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=87477d1d69958ef2d055d30ed802ac0d&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame F91F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzQ2NDFFMDMtMjVBMy00MDgwLUE1RjQtNzBBOUUwRDIzMjEz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F91F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE3Q2jb2_cngqFTzEZpHbMI&google_cver=1
42 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE3Q2jb2_cngqFTzEZpHbMI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE3Q2jb2_cngqFTzEZpHbMI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame F91F 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 05 Dec 2022 02:54:43 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F91F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7409004770038962898
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7409004770038962898
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7409004770038962898
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame F91F 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame F91F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=44d42845-bdaa-42cf-9c93-c02c6d923616&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=a0616139-426e-4eac-a7d8-58cadaf40b13&expires=1&user_group=5&ssp=pubmatic&bsw_param=44d42845-bdaa-42cf-9c93-c02c6d923616
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=44d42845-bdaa-42cf-9c93-c02c6d923616&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=44d42845-bdaa-42cf-9c93-c02c6d923616&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 02:54:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=44d42845-bdaa-42cf-9c93-c02c6d923616&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 06 Dec 2022 02:54:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
34641E03-25A3-4080-A5F4-70A9E0D23213
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F91F 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/34641E03-25A3-4080-A5F4-70A9E0D23213?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6d:c1bf:1d00:7d4d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame F91F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=34641E03-25A3-4080-A5F4-70A9E0D23213&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uLYM3EVE2uXxgw_YnYDwny5ivMLAu5w-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uLYM3EVE2uXxgw_YnYDwny5ivMLAu5w-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uLYM3EVE2uXxgw_YnYDwny5ivMLAu5w-~A&gdpr=0&gdpr_consent=
date
Tue, 06 Dec 2022 02:54:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame F91F 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=34641E03-25A3-4080-A5F4-70A9E0D23213&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame F91F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=95e690b7-a7cb-4be2-89ed-2161ec76e6a3-638eaef3-4348&gdpr=0&gdpr_consent=
42 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=95e690b7-a7cb-4be2-89ed-2161ec76e6a3-638eaef3-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=95e690b7-a7cb-4be2-89ed-2161ec76e6a3-638eaef3-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F91F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8480527932475672240&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8480527932475672240&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 02:54:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8480527932475672240&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame F91F
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7fce4a1e-4f62-4977-9204-9ec68582ff34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7fce4a1e-4f62-4977-9204-9ec68582ff34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7fce4a1e-4f62-4977-9204-9ec68582ff34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 06 Dec 2022 02:54:43 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame F91F
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4148347070498717920
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4148347070498717920
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 02:54:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:44 GMT
AN-X-Request-Uuid
3b8ea0a6-5a9f-44b1-8ff7-901ffa89930e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4148347070498717920
Connection
keep-alive
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ads.betweendigital.com/ Frame E6C3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=44d42845-bdaa-42cf-9c93-c02c6d923616
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=44d42845-bdaa-42cf-9c93-c02c6d923616
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=44d42845-bdaa-42cf-9c93-c02c6d923616
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=44d42845-bdaa-42cf-9c93-c02c6d923616
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=44d42845-bdaa-42cf-9c93-c02c6d923616
date
Tue, 06 Dec 2022 02:54:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
btw
sync.dmp.otm-r.com/match/ Frame E6C3 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=9785eae9-6af7-5454-ae67-f373cde95d9c
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.55.244.179 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 02:54:44 GMT
server
nginx/1.23.2
match
ads.betweendigital.com/ Frame E6C3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS01aUdJRTFORTJ1Ry54Y1E4QjJWOVhiWWVseW9NTVQ3SFdMVV9kUVUtfkE%3D&gdpr=0&gdpr_consent=
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS01aUdJRTFORTJ1Ry54Y1E4QjJWOVhiWWVseW9NTVQ3SFdMVV9kUVUtfkE%3D&gdpr=0&gdpr_consent=
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS01aUdJRTFORTJ1Ry54Y1E4QjJWOVhiWWVseW9NTVQ3SFdMVV9kUVUtfkE%3D&gdpr=0&gdpr_consent=
date
Tue, 06 Dec 2022 02:54:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
ads.betweendigital.com/ Frame E6C3
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uiqX4ZG4wCT.AikABlGE5VtqYQ
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uiqX4ZG4wCT.AikABlGE5VtqYQ
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:44 GMT
server
nginx
x-backend-id
f1-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uiqX4ZG4wCT.AikABlGE5VtqYQ
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
bidder_18.html
cache.betweendigital.com/code/ Frame C0E6 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9785eae9-6af7-5454-ae67-f373cde95d9c&CACHEBUSTER=976629
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 06 Dec 2022 02:54:44 GMT
etag
W/"638623e5-e7e"
last-modified
Tue, 29 Nov 2022 15:23:17 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
312
x-cdn-request-id
137d54f777e606dda058a6b4baebf134
692.json
id5-sync.com/g/v2/ 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
7756785b712b0dd05b943cfbafe3b90f3e1a364fb7125b5963df759daac631b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://stud.com.ua
date
Tue, 06 Dec 2022 02:54:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
bidswitch
event.clientgear.com/cookie/ Frame C0E6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=44d42845-bdaa-42cf-9c93-c02c6d923616
0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=44d42845-bdaa-42cf-9c93-c02c6d923616
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:44 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

location
//event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=44d42845-bdaa-42cf-9c93-c02c6d923616
date
Tue, 06 Dec 2022 02:54:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cntcm.aspx
inv-nets.admixer.net/ Frame 8629 		61 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/cntcm.aspx?ssp=03794bc4-679e-4bd8-a1c0-bb41680c2dee
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=2015136538-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
7b9e7fce08bf67ca0b1d4f30379c574fe64a35c732769e30a1ec3b4143302d31
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stud.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 02:54:44 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://stud.com.ua
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
X-XSS-Protection
0
56dc2c94-7511-11ed-a1c4-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame C0E6
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARj13bqcBqIBEFbcLJR1ERHtocQAJZDIJDc*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=56dc2c94-7511-11ed-a1c4-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=56dc2c94-7511-11ed-a1c4-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=41tWULNEwAw3ynSRIWXJmg&
  • https://an.yandex.ru/mapuid/adsniperis/56dc2c94-7511-11ed-a1c4-002590c82437
  • https://an.yandex.ru/mapuid/adsniperis/56dc2c94-7511-11ed-a1c4-002590c82437?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adsniperis/56dc2c94-7511-11ed-a1c4-002590c82437?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 06 Dec 2022 02:54:45 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 06 Dec 2022 02:54:45 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:54:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 06 Dec 2022 02:54:45 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adsniperis/56dc2c94-7511-11ed-a1c4-002590c82437?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 06 Dec 2022 02:54:45 GMT
async_usersync
ib.adnxs.com/ Frame 063E 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 02:54:44 GMT
AN-X-Request-Uuid
bd6db5d2-fa87-4be4-a768-b3ad48911978
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcb6a7d082344be5bde2f39bfede9a89.png
s0.2mdn.net/sadbundle/9974715383312914420/media/ Frame 8E54 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9974715383312914420/media/dcb6a7d082344be5bde2f39bfede9a89.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23313432990343dc74d95b6c064148e6fdcbaad720d146994468f3d7226cedb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:51:02 GMT
x-content-type-options
nosniff
age
565423
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9957
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:43:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 13:51:02 GMT
c522ab6156a43e80cda442dc3d431353.jpg
s0.2mdn.net/sadbundle/9974715383312914420/media/ Frame 8E54 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9974715383312914420/media/c522ab6156a43e80cda442dc3d431353.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aeffa1bf2dbf59661c6b04ee5d7b6faaebee0a54d10a188b2b9773c073e75f3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:50:59 GMT
x-content-type-options
nosniff
age
565426
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2872
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:43:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 13:50:59 GMT
c2507086b24ce64257b9cb1a160372f4.png
s0.2mdn.net/sadbundle/9974715383312914420/media/ Frame 8E54 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9974715383312914420/media/c2507086b24ce64257b9cb1a160372f4.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f810f56c712592f9127742b3516156f127c95c6d2987cbad759d5ee3466c0d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9974715383312914420/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 02:23:18 GMT
x-content-type-options
nosniff
age
261087
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2576
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:43:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Dec 2023 02:23:18 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame F91F 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 02:54:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.html
eus.rubiconproject.com/ Frame A273
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9785eae9-6af7-5454-ae67-f373cde95d9c&CACHEBUSTER=976629
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Dec 2022 02:54:46 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Dec 2022 02:54:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame A273 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c2198f815359a7c285ff247a7250c7e47779b2838207fe79d129c55b20611bdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 02:54:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Dec 2022 11:17:57 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30165
Connection
keep-alive
Content-Length
10067
Expires
Tue, 06 Dec 2022 11:17:31 GMT
khaos.jpg
token.rubiconproject.com/ Frame A273 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A273 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame A273 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 02:54:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
token
token.rubiconproject.com/ Frame A273 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame A273 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=25470
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame A273 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=36584
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A273
Redirect Chain
  • https://onetag-sys.com/match/?int_id=4
  • https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sn.ashx
rbp.mxptint.net/ Frame A273 		0
0
tap.php
pixel.rubiconproject.com/ Frame A273
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7173863615164577945&expires=730
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7173863615164577945&expires=730
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7173863615164577945&expires=730
Date
Tue, 06 Dec 2022 02:54:46 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
729e4e94-63c3-438d-8ce4-184eb34e703f
www.storygize.net/ccm/ Frame A273 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO-VLPF6hgM_eXNE4w-FtTo&google_cver=1&google_push=ASkJ3FZBHyVAEz-Y2EP9f9waAmIBwSXPye6srF_wXnHgkINU7IvA8rjuUsCC3WPm4R27tBTQ7V_Pex_KjlRyhJWlohQRWq_9NfUXjQ
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO-VLPF6hgM_eXNE4w-FtTo&google_cver=1&google_push=ASkJ3FYtgZoK7U1Nht51O9UPGYtqx3G2cQoxz_J4ck43p8iA4tGXJG6hGviwtrvn6m_hUSj5tLR2NxMUHSbXC63BFkrUQXrqsg4gk2g
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO-VLPF6hgM_eXNE4w-FtTo&google_cver=1&google_push=ASkJ3FaRrt0HRrY8fddUZWC-VKdzLVEh5puLHhKFVR4hGzoDXwhdcxbia9lZ_wp8_hOFzqLFct5iHqCDUuRD7BA9Ov3FF_g2Dqj_
Domain
rbp.mxptint.net
URL
https://rbp.mxptint.net/sn.ashx
Domain
www.storygize.net
URL
https://www.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| oncontentvisibilityautostatechange string| GoogleAnalyticsObject function| ga object| googletag object| vmpbjs object| vpb object| div_970x90 object| div_728x90 object| div_320x100 object| div_336x280 object| div_300x250 object| div_300x600 object| div_650x333 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| vmpbjsChunk object| _pbjsGlobals object| mnet function| clearForm function| checkForm number| google_lpabyc object| _0xb88f function| abl function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| Criteo object| google_llp number| j object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

125 Cookies

Domain/Path Name / Value
stud.com.ua/ Name: ca
Value: DE
.stud.com.ua/ Name: _ga
Value: GA1.3.523528440.1670295279
.stud.com.ua/ Name: _gid
Value: GA1.3.1829369148.1670295279
.stud.com.ua/ Name: _gat
Value: 1
stud.com.ua/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.stud.com.ua/ Name: _pubcid
Value: 1ce09aa4-350f-4b9b-a5d9-a88ebcf467c2
.stud.com.ua/ Name: __gads
Value: ID=2d26b261fc1b7c0a:T=1670295279:S=ALNI_MZP3mTGh0Jt7ulD-efw-JoEoJ5AYA
.stud.com.ua/ Name: __gpi
Value: UID=00000b8e70637430:T=1670295279:RT=1670295279:S=ALNI_MbWv7_MM4UV4lr1j2dXSJCIC8jvAg
.admixer.net/ Name: am-uid
Value: f010d7948ade478c9e644c0481fa62da
.lijit.com/ Name: ljt_reader
Value: FxLuvBZHR3Eza15eTIerNo6j
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
a4p.adpartner.pro/ Name: apuid
Value: 2124036b-96da-4972-8392-e1ccef057a64
.adnxs.com/ Name: icu
Value: ChgIq9pcEAoYASABKAEw7926nAY4AUABSAEQ7926nAYYAA..
.adnxs.com/ Name: uuid2
Value: 4148347070498717920
.doubleclick.net/ Name: IDE
Value: AHWqTUnJt5ywXJ-PMZjwaJlF4gT8hOF8PFirBtgTrF_koC_pB7glemY11OVG12Yi
.adtelligent.com/ Name: vmuid
Value: b32f63d83d400e12
.adtelligent.com/ Name: a307558
Value: 2124036b-96da-4972-8392-e1ccef057a64
.casalemedia.com/ Name: CMID
Value: Y46u8C0VMBR4MKxhzh7qkwAA
.casalemedia.com/ Name: CMPS
Value: 1156
.casalemedia.com/ Name: CMPRO
Value: 1156
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Il]u]cIN!]tbPl1M>e)ZlrFUfJ+tGXvWB^$474_$gO1?3iSqEAiP._E#uGQ<7s^bF9Am3If)y3KL9D3I?+b'5Uja
stud.com.ua/ Name: edu_chat
Value: {%22depth%22:1%2C%22end%22:%222023-12-06T02:54:40.336Z%22}
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: 9785eae9-6af7-5454-ae67-f373cde95d9c
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.rlcdn.com/ Name: rlas3
Value: BTF2k17tWTn5Pn3J8JfWfiYXN2kSrsmWNd8Mt9BnonE=
.yahoo.com/ Name: A3
Value: d=AQABBPGujmMCEHi3AxC1hwMclPbqWFdmoNsFEgEBAQEAkGOYYwAAAAAA_eMAAA&S=AQAAAs8PMP-zoioge47CiIfW6GY
.quantserve.com/ Name: mc
Value: 638eaef1-65e0b-006d3-9aba2
.innovid.com/ Name: uuid
Value: 9b6e2ecd-04d9-4989-b737-0e8198ce5422-20221205 21:54:41
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 34641E03-25A3-4080-A5F4-70A9E0D23213
.spotxchange.com/ Name: audience
Value: 54b9d599-7511-11ed-92ac-1891fad20506
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.criteo.com/ Name: uid
Value: 2bd09b8d-34dc-44c0-9373-6e0325f56f26
.rlcdn.com/ Name: pxrc
Value: CPHdupwGEgUI6AcQABIGCOndKhAA
.agkn.com/ Name: ab
Value: 0001%3AoBvQCw8k65q3ox%2BlxNkIjGV1T1KPylgi
.addthis.com/ Name: na_id
Value: 2022120602544100079287301689
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 638eaef11375bb38
.addthis.com/ Name: ouid
Value: 638eaef100014ff07c0e92aef0ae61fc3a29ea2565edafb9d1b9
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20221206
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.awin1.com/ Name: awpv20044
Value: 412871|1670295282|5537af80-7511-11ed-9792-223985e9a9b7
.awin1.com/ Name: awpv11354
Value: 412871|1670295282|5537d690-7511-11ed-9d10-2262c713b6c4
.awin1.com/ Name: AWSESS
Value: 377133:2470172
.agkn.com/ Name: u
Value: C|0CEArIWtxKyFrcgAAAAABAQ13AQEAAQpAAAAAAA
.casalemedia.com/ Name: CMTS
Value: 1181
www.conrad.de/ Name: HTLP_timestamp
Value: 1670295282
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: 5aE9L_VzRZBHWngYjHhO6AbXJf40uPe.Kuy7v4Jzkqw-1670295282-0-AYAZeKWQgTQIOS/2zJE5FoekpDGjgOXC6h9Coa+2JzWoGlIe0f+StHLPlm+HCGOsQ9+/38tEcnMK7kONTze4s3g=
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3MDI5NTI4M3ZsZWExZGUyMDIyMTIwNjAzNTQ0Mjc5MjMxMTM2OTA1WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWQ5a01hTWZtZnhFMWhLSEJIMnQ3dHJyOVU5U21UenptU3JiQlhvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022120603544279231136905X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3MDI5NTI4M3ZsZWExZGUyMDIyMTIwNjAzNTQ0Mjc5MjMxMTM2OTA1WDExNzY3OVYxMjI2MTMyNzAyT
.bidswitch.net/ Name: tuuid
Value: 44d42845-bdaa-42cf-9c93-c02c6d923616
.bidswitch.net/ Name: c
Value: 1670295283
.bidswitch.net/ Name: tuuid_lu
Value: 1670295283
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156813:3
.pubmatic.com/ Name: DPSync3
Value: 1671494400%3A201_197_219%7C1670371200%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1671494400%3A161_71_165_56_54_21_251_166_55_238_88_7_3_81_13_22_234_176_99_243_220_8_233_204%7C1670889600%3A15_2_223%7C1671580800%3A35%7C1671148800%3A63%7C1672876800%3A203
.quantserve.com/ Name: d
Value: EKABDgHfJ4EO-TA
.stud.com.ua/ Name: cto_bundle
Value: DKxIVV9pJTJGaDkzNER0V1BHUXlGJTJCMTUwUmdwbVNIMUo5SmFucXk0MnUlMkJBSjhNNTJ0QkpJNFRIdVdjS0xtQmNFRmoxcncxJTJCNUNhN3RsMWMlMkZDejklMkJsVnlLZG00NlNudnpNeFVtcXZpamFhQVFBJTJCWDk0UmFHTVQzQjFvJTJCVEV1bUR4bTlQS0h6d1ZKem5HeUtXSzlERVh2SDJ5M3hRJTNEJTNE
.stud.com.ua/ Name: cto_bidid
Value: U8OcYl8zdTlIU245dGJTUDhyU0xYRDJUQW92JTJGSVQwVyUyQjB6TnFFR25kcUUxWW01OWhlciUyQkw2VVNHQml5ajBqNzQlMkZ2ZWhhalRYYWszS05UTE5WdCUyQjB5a2JqbEhIR2dhVnhmZkFXTXNObWY5ZXA0c2slM0Q
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~28oq:18z8~28oq:199l~28oq"
.sitescout.com/ Name: ssi
Value: 95e690b7-a7cb-4be2-89ed-2161ec76e6a3#1670295283822
ads.avct.cloud/ Name: uuid
Value: e24d2f92-924e-453f-98a0-959f6481d6dc
.adsby.bidtheatre.com/ Name: __kuid
Value: 7fce4a1e-4f62-4977-9204-9ec68582ff34.439509283
.onaudience.com/ Name: cookie
Value: 37c5c16ff2b20a8e
.onaudience.com/ Name: done_redirects104
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7173863615164577945
.mathtag.com/ Name: uuid
Value: 32e3638e-aef3-4b00-9afb-aa1302b0cb31
.simpli.fi/ Name: suid
Value: 6C7774C9F3404031B0F56E8D34EB7EDE
.csync.loopme.me/ Name: viewer_token
Value: ee8ae945-c58d-493c-8cdd-6d0e0612c4b7
.turn.com/ Name: uid
Value: 8480527932475672240
.adform.net/ Name: C
Value: 1
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY3MDI5NTI4Mzg3Mn0
.de17a.com/ Name: guid
Value: 1.3069470619164504429
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4148347070498717920&KRTB&23339-4148347070498717920
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7173863615164577945&KRTB&23369-7173863615164577945
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:f784638e-aef3-4600-9c8d-5bb85fd5326a&KRTB&16736-uid:f784638e-aef3-4600-9c8d-5bb85fd5326a&KRTB&23019-uid:f784638e-aef3-4600-9c8d-5bb85fd5326a&KRTB&23208-uid:f784638e-aef3-4600-9c8d-5bb85fd5326a
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEE3Q2jb2_cngqFTzEZpHbMI&KRTB&16514-CAESEE3Q2jb2_cngqFTzEZpHbMI&KRTB&23025-CAESEE3Q2jb2_cngqFTzEZpHbMI&KRTB&23386-CAESEE3Q2jb2_cngqFTzEZpHbMI
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-pCPU6vN1ir6_JtnqonLBv6ImiLy_KY3t8yJSiBnS&KRTB&19420-pCPU6vN1ir6_JtnqonLBv6ImiLy_KY3t8yJSiBnS&KRTB&22979-pCPU6vN1ir6_JtnqonLBv6ImiLy_KY3t8yJSiBnS&KRTB&23403-pCPU6vN1ir6_JtnqonLBv6ImiLy_KY3t8yJSiBnS
.nrich.ai/ Name: _nauid
Value: a0616139-426e-4eac-a7d8-58cadaf40b13
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b4109c90-2a5d-4f84-8304-b24a7cbc6efc-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8480527932475672240&KRTB&23150-8480527932475672240
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y46u8wAB0VwtvQAZ
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-95e690b7-a7cb-4be2-89ed-2161ec76e6a3-638eaef3-4348&KRTB&23418-95e690b7-a7cb-4be2-89ed-2161ec76e6a3-638eaef3-4348&KRTB&23424-95e690b7-a7cb-4be2-89ed-2161ec76e6a3-638eaef3-4348
.bidr.io/ Name: bito
Value: AAFo3E7HHV4AACB_507aDw
.bidr.io/ Name: bitoIsSecure
Value: ok
.adform.net/ Name: uid
Value: 1761204562382133583
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7409004770038962898&KRTB&23263-7409004770038962898
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3069470619164504429
.onaudience.com/ Name: done_redirects161
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3AA8k_L_Qza8_5ADU74ttvxsDuCioG5MkX.u1F6tU8eCdGEuYyZBcNp68b0Fhk%2BcPqyUqZw4m%2B%2BPP0
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y46u8wAB0VwtvQAZ&KRTB&22978-Y46u8wAB0VwtvQAZ&KRTB&23194-Y46u8wAB0VwtvQAZ&KRTB&23209-Y46u8wAB0VwtvQAZ
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-44d42845-bdaa-42cf-9c93-c02c6d923616
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 87477d1d69958ef2d055d30ed802ac0d
.amazon-adsystem.com/ Name: ad-id
Value: A0x7ghMBb0SOkc7JxuHnXl0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.smartadserver.com/ Name: pid
Value: 1493625515242909286
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAFo3E7HHV4AACB_507aDw
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2e7b2fb3-4dac-42bf-7f68-29a11b4ab5dd.l6ebLyXN2FkRkK8OYakiMNfVynhJ2KyOx61Iah5lWUA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ALnsvs02sQr9_aCmhG0q13VLHgiU.Lece1N%2FmHIjXZNaUHQqiT2gzMzT3McBVDG23sljhIcU
.onaudience.com/ Name: done_redirects147
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: a1nsIHMwTkF6Xlypr9jJcseij9flcDIBRZcmcEvhpkhZdbnc5Zb6cP2YK97pvZbjSayDuYc8y0YpuBaln0XS7nKKBPCo
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-Lnsvs02sQr9_aCmhG0q13VLHgiU&KRTB&23334-Lnsvs02sQr9_aCmhG0q13VLHgiU&KRTB&23417-Lnsvs02sQr9_aCmhG0q13VLHgiU&KRTB&23426-Lnsvs02sQr9_aCmhG0q13VLHgiU
.adhigh.net/ Name: gi_u
Value: uiqX4ZG4wCT.AikABlGE5VtqYQ
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-NrGB8F9IYTjVjbUMMXhXagSn
.adhigh.net/ Name: btw_sync
Value: jDT
stud.com.ua/ Name: admixerId
Value: f010d7948ade478c9e644c0481fa62da
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 327966805fcb07a5
.betweendigital.com/ Name: ut
Value: Y46u9QAH36A5iBacZTcH0fiQZgeNsJrZzl_14A==
.bumlam.com/ Name: suuid3
Value: IiQ1NmRjMmM5NC03NTExLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFo3E7HHV4AACB_507aDw
.pubmatic.com/ Name: PugT
Value: 1670295284
.aidata.io/ Name: __upin
Value: 41tWULNEwAw3ynSRIWXJmg
.aidata.io/ Name: __upints
Value: 1670295285
x01.aidata.io/ Name: adsnpr
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1670295284
.yandex.ru/ Name: yuidss
Value: 2920897591670295285
.yandex.ru/ Name: yandexuid
Value: 2920897591670295285

7 Console Messages

Source Level URL
Text
network error URL: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO-VLPF6hgM_eXNE4w-FtTo&google_cver=1&google_push=ASkJ3FZBHyVAEz-Y2EP9f9waAmIBwSXPye6srF_wXnHgkINU7IvA8rjuUsCC3WPm4R27tBTQ7V_Pex_KjlRyhJWlohQRWq_9NfUXjQ
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO-VLPF6hgM_eXNE4w-FtTo&google_cver=1&google_push=ASkJ3FYtgZoK7U1Nht51O9UPGYtqx3G2cQoxz_J4ck43p8iA4tGXJG6hGviwtrvn6m_hUSj5tLR2NxMUHSbXC63BFkrUQXrqsg4gk2g
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO-VLPF6hgM_eXNE4w-FtTo&google_cver=1&google_push=ASkJ3FaRrt0HRrY8fddUZWC-VKdzLVEh5puLHhKFVR4hGzoDXwhdcxbia9lZ_wp8_hOFzqLFct5iHqCDUuRD7BA9Ov3FF_g2Dqj_
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1be7c4068eb497d9c6b6e86e8864b726.safeframe.googlesyndication.com
a.tribalfusion.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.avct.cloud
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
ag.innovid.com
an.yandex.ru
ap.lijit.com
as.ad4m.at
assets.ad4m.at
bh.contextweb.com
bidder.criteo.com
bidswitch-eu.splicky.com
c1.adform.net
c2shb.ssp.yahoo.com
cache.betweendigital.com
cdn.admixer.net
cdn.ampproject.org
cdn.doubleverify.com
chart.googleapis.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
cs.admanmedia.com
csync.loopme.me
d.agkn.com
d5p.de17a.com
dcf81719440b552ac7f611b82d5d89f9.safeframe.googlesyndication.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
lb.eu-1-id5-sync.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
player.adtcdn.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-inv-eu.admixer.net
prebid.media.net
prod-rtb.ad4mat.net
pubmatic-match.dotomi.com
px.adhigh.net
rbp.mxptint.net
rtb-csync.smartadserver.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
stud.com.ua
studlancer.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.bumlam.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.com.ua
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.storygize.net
www.telefonica-partner.de
x.bidswitch.net
x01.aidata.io
googlecm.hit.gemius.pl
rbp.mxptint.net
www.storygize.net
104.18.33.19
141.94.171.213
141.95.171.140
141.95.98.64
141.95.98.65
142.250.185.98
142.250.186.166
146.0.227.109
146.0.227.110
146.59.148.16
151.101.66.49
151.236.71.19
159.65.196.12
168.119.168.202
172.217.18.2
178.250.0.163
178.250.2.146
18.194.114.29
185.184.8.90
185.29.134.248
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.80.39.216
185.86.139.115
185.89.210.101
185.89.210.90
185.94.180.126
193.232.148.140
194.55.244.179
195.5.165.20
198.148.27.139
198.47.127.20
2001:678:cb4:bbbb::11
203.195.121.142
213.155.156.181
213.19.147.44
216.52.2.39
23.205.235.133
23.205.253.64
23.35.228.23
23.35.236.188
23.35.236.201
23.35.237.56
2600:1901:0:76b9::
2600:1f13:800:7782:a19c:ee18:a235:a64b
2600:9000:223f:bc00:8:48e:53c0:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2606:4700::6812:7f05
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:802::2002
2a00:1450:4001:806::200a
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638:1::3
2a02:26f0:1700:6::17d5:a18f
2a02:6b8::90
2a02:fa8:8806:16::1370
2a03:90c0:41:2801::62
2a05:d018:d29:3605:a6d:c1bf:1d00:7d4d
2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832
2a06:98c1:3121::3
2a0c:5c81:5142::2
3.126.56.137
3.74.33.199
31.172.81.160
34.102.253.54
34.107.148.139
34.149.12.213
34.149.50.64
34.240.30.150
34.243.37.252
34.98.67.61
35.186.253.211
35.204.158.49
35.214.223.115
35.244.159.8
35.244.174.68
35.71.131.137
37.157.6.246
45.133.44.3
46.4.41.145
47.252.78.131
5.161.47.120
5.45.72.163
5.45.73.237
51.68.39.188
51.83.220.94
51.89.9.251
52.215.215.189
52.28.203.152
52.49.92.250
52.57.148.231
54.78.254.47
54.85.151.23
62.149.1.122
63.251.232.170
66.155.71.149
67.220.226.238
69.173.144.138
69.173.144.165
69.192.160.219
76.223.111.18
80.77.87.161
84.200.5.215
85.114.159.118
89.108.120.76
96.16.141.156
01803763e527c47fc3187927f42ff54845d70372c5d69c39572ee55bbc7ec799
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05db9a36ee28ba93f3fb2f1afd0933a093b8e193452b6a5e3400dcbe0c681537
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08783766133e935f5f3816c51babb1872b73ab651b39d8467e4e07a395f1b3e1
091b5f94da940b35af27150021749511585926b36c2c8e4c303df05a49864b41
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0a9c8f114c8d867e049cfe23ad83ac4bae5e3303add1022d81285ff8a05b389a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e567988cd0fea979b64fae222e67a87d5efc5f11726e3c03a46028c0d7c0209
0e9b4a647a987ead08ff561bec2aacd7dc1773be8cf4fc656eeffb064c485792
0f270a8e86b9492388fa052b78231971859de971ffd23873568b5a5852f44ecc
110f9df01faaf1c095e17387e051c04eaff94428f9603886ef807e24d9915819
122bce79d8dc846d26040ac599f8422dd306e50d87a40212dbd2f56c46303d7b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17f0c0e71ddf36b7e72d76bedd6602d50707393ac12f4ac6f001168291d7d8cd
180f97ae92555578e4a1f0aceedef3fee9af93c325cfcce6fb527bb69e21693a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1c9c271b49d596b345906d1ce8e64521bd849a0bad25a9dff196cb7142848616
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
2039916483235401902b27c593c789ecd8bb22e991c73bfc660bdabf5002d825
21caab46139ba05fe6ce0d8f1fd2efa48c88a1936e6b0827688553e5407f667e
21f5dd8a203308f3221c1a86def2ef84d69a87afd12a760c82494e6b29a493dc
23313432990343dc74d95b6c064148e6fdcbaad720d146994468f3d7226cedb9
23b1c875f371daef0b9f9bdfe9997ed3c16db084d4704578af4dff2f78e50631
243d0b527230de97fa908e3d04cb8bc93c355945103246f87b27a8b6f19241c7
245a56e7545d72473f31970a8867fb776e465830ec7f01944b57d772cef319cb
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
294a13825c6fdba4c89bd38681a27ff9017d8660148a1fd21ff2276afb40a094
29a163bdd6790c25a63f815bece0e1b8351f612ccf54d2ba1f2486993f7ab199
2a2e7a9db175f0bb293280acdeca9691ebdd13f07d4e4bbd5eae58296e38432e
2a6c5531a4cc2f59008e50b5c9f753eb0e8306ee8aedabd39f3170c21d4ccab3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eaf6ba223aa3e584c45e61f98c53c8369dfb8f74430f92206d728557a29bf16
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fcfc7e9d9cfb7a7e057d24ebd6ebf58da3a6c91ef1ecca4a1f78a1b9d1fc3f8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a92da3d2476f7a4b87e23ab4a82f0189b58af3491ad67be26dc0920e807b2b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
330817c842894cde8706295a6763725fbcaa6fcc05d2387562167f47a6a0e229
3582c08acae8ca98fa6c2c32f23664da518440da0770dd230f4349fe68fbb917
3642905537a976d941a808ef02abf0acc468623e46d2f6434a48cdf2ea9914bc
368efa57daae391de6f253828bf520217a86aa9f2e50d79a28e259fa746b769b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
379d12bc18d8f62fce29f2e976cc9a2f242cf5587489023a82877d465205bb2b
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3a0b2e1ab74e77678860f9eda0f8b8583f323993a130fba6e8b7884ba4cdb58e
3c49b237de4d3dff66290009c921d9fb77095d07602e0d26ab65d09e09e3dd43
3ce24d304f451f4d438a9e535c0ab6a9cfcc5169fd20afc575c4ceb53183918b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4676429835a2b8c9f18b8ac4f303fed85374c183999e7b6d3a0817b85bb56f0c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b7be819803ee77b1bcadee4873f8d3652847a882cc720ec820d0940d28a305
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c122aec9e8f2d45f46ad4fa6dd058429cb92117ebcf7931c0087d75dea6903c
4c2e8d6ada53bb78aa93fb70c7f97b417c8207da98a04e65232446aacbaebded
4ccdf5ce9975e6319b06f72cfe5404715c74320faf74cbfbcc02d96892a56f32
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f810f56c712592f9127742b3516156f127c95c6d2987cbad759d5ee3466c0d4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e006491908263a1a915879d5d9c36c68d21fee9554465c2258584838f313f2
510cc92c9706d90b39873aabcd643602d7c1ed822c40b21674d8af9f4303c095
526f0ebd7eca1a05da46cbcf52542ed5a4e75db5d9ebc02c1deb41ff28ea6e14
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5614f383999bd1b518afae26fa041f07b62de653c71f0caabe647c49f5ed0d35
563e2f1f30883d0d6f38af0a3ab53d70f4ad62ac986381da22770808dec525ee
59a961df1f804e5c86e064087c6d53ccb19bf0d65591d8348a2ef374c247bcd1
5b7a55d31c58edc91b618db22eeb5c3ddd38f8eeef1b6293ff6f1b0869b5f4d3
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5ef7c96110916b90a2b9ce6bb03dcfc808b9e00d5914ce6b6f77b8da341e3bc5
5fdbb29426d091209c754c15871f46967600ca0da13ed2bd053b3e3009243054
613607903c79d25d0160be6ab1893179d0f41edfb0c7fd570cb2ffa192a68780
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633fb954e4c608aff445328431b5b0e37bc4ee62c11c110793906913f1923561
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
63a735610915959bab3f33deadda8a7a32c533ab38c4388f9efde300dadbd0d9
64b6b8aea42f30559b3ecca157e2a38ad0e362007f152efac362bff5aa7652be
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67ff595af04d1364dbc889b858994062e61b0acaf277a12e823d76c0a5964603
6b7f1cc2602aa55158b1f9a4407c166eae580c0262fafa0eb1f3581c83b68860
6bc7ca08b6253d3467f7ac4b7038dc93fc1078af79cc2783b28175701ab9d44a
6c6d1d18414542767c89d12c9a0414acc07895660a06b062a754f231710cf93c
6cde524e6ba549ae2892f37515bba1cafa432bb0cb93049f189dd434a50b078b
6eeac9335492aa35ade68bb9255dc5917c5018d055b111c8df9ff928ae923076
71a8be1afe6e03fc91ef705cffaf7f3058159e8d86b7adb9d78a56cd7f18f577
729ee79459e1669a685373e2c43cdaf02c332b6e40f049eadb59a1ebe4051c65
731328e77245a295711dcb1e13c2273a05c5805f6986e05dcf8ce5f960b5fa34
747dca55f3574e0e2e2018f1e7ade84da708f8311d4ef6be6002b20b62e7a5ab
7756785b712b0dd05b943cfbafe3b90f3e1a364fb7125b5963df759daac631b1
7a3e651e92485e93f4cb99ab653e77098f191e126ecd53625f9b6d4a105cd8bf
7b9e7fce08bf67ca0b1d4f30379c574fe64a35c732769e30a1ec3b4143302d31
7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
86064919177e5221b92be4cfa7426ef2f85fc74d47948518e193724ec3d467b8
869802b0676ae800709c65ef9d689d7c2bc3693247ecae342431a8cb5caf4d23
86a1d32586d12adfccd64c53812e62fbe1ba25b863de88a094435b97f7e308c7
8970d033a3bcda6a0b09faf9257b7248067b43009c6e8fa6ccbcc4584d2da5df
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8b3d41a0ca07e57928f7b0d8f118103dbae128b49f606d7b281c048f67a66af9
8d5804b1b2063b20c732b7c083513a9e0d1ec69bfd59b1b51282e670504b454b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc0038f88ebe21a9a17b11aacbd45ff7e3dcb50747eef1fac99aa11bd915ed3
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
911951dafde82eca83f2c01a15ea627e1d22adcaea1c63f50c25df1ac6402971
929048e6f1ecb4fbf70387e63a018fce0ed854b956a69c5cac16e17fc717d1c6
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
96b54f02b75739e2e1f83b11936cdcd660367f39e54e7b188b601901d6a5fa5b
977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abd094046fa97cc586eb240ff157b0dac4061ae7e0f5149282c285c083e547b
9b6d42772cb994d3a02eb092408136bf7d30a301feddff6495fdab708242de62
9c217df682e84389bfebba75db4d349187c8ca65e584a6632ab49f270fd9836a
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ec0f64e5dbe89db69c74e916f36c0172a2d99ad6f6f2b22ca48e4493f2b3091
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a33bc9544413b28cc3ddd79edcbae9d39fd385e9b12f5bd45a742035c1aa3068
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a77ddd6e1f9a51be62ecf6fe0ac747f0e24420bb72cf4c1bc7421b7faddccf5c
a9111dd41fc920dfd5aebd7218cc30f8efac27096b1d46c74ee76a5e1d4c3476
aec5b7cd6f949cb097623d6cd0d612eeab5cf127243fe8e38fc45fbed3e135f5
aeffa1bf2dbf59661c6b04ee5d7b6faaebee0a54d10a188b2b9773c073e75f3c
af0946d3489dee20c73508718f3ebfbf97ddc6eab6a2dde4f6092be47f77961c
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2635f2f74dc0c033efb462cef995dbdb9472b7fcca5ab950f68317666710d4d
b30c02acfdd8ba4d606e4c1a94bd41d1ec44bd3fd2fc5151bb8a66371986116e
b353cd7f22b22d1880bad88087ce835ed56af66c24d95ef6963977a3dc24b347
b3d43c4ade06329f0ec442e30c4c920316f0cdca421891400174138598af1170
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b476acb11105bb172d81cd83566d4451a45d55a40b1a80fdc917e65953dcbe01
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bde2fbffac90405f2e77ee244bede51b9ccbc906bfa38b213444b2c1bf1f1a5e
be8496f57a7d3e2fb42225fb550ef292310df08e23c928dfb86aa5763a995cbe
c02693930661ec36a19ffd13fa984ddd5aeed9caa1cb3082efbf066b704fb389
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c142d3dee1ddd5b3020b8961d5cf2b0c1568e0f447e723729f3bafcf7a566efa
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c2198f815359a7c285ff247a7250c7e47779b2838207fe79d129c55b20611bdf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d08aac391f788887624299c7ff4680cd39d151001f8de376b3b651c92ea63d
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c5363a271c8fbf6e6a6679886d4bcb588d1bc0702a938df09dd80ba581afd92f
c7ca2cfa0db1a04fa539b48dffeeba6c580e124d10c5bf0702f96e38cbe63a41
c8cd2c1e9bac5933601ccf529f3dac1cd6678ef578181ef411623579905ad09e
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
c968d56c27b1a0ae8355f0d56c1fae6f92797597ac96e5ab2ee6f8415e72c384
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9adf2872df2e729a3f068d8372119d928ae9b5fc6b54076e452fdbf84ab5d0b
caaac8fb1c6a45cdfc98562012cd8fd2e64ebb06703db87a0e0b1822bb4ebe13
cddc22c7f3fdf44b4c915ce8e76379608f68d42131cf1e7e2e99064cb4762603
ce7fb2d22faa2608b32022842c0610c0e0ede1dca6a0bc387e3cbd7ff5a11dc9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6cd2ca21a8357e8ab1db7c9add8551b4bab7403d332db88925b0ffea15237c
d06b371bf85ce6c3f059932191b13fa2f86f266c34a1d16e9c10bc1ccf5c785f
d0e720f62b459f49955da948a39307b9af8b26409a3369937ada7707ada38ccb
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
d1bacd17873c96bdbd350c12414feaac6d0b8cca24bf7c7a76fb2adca4da029a
d3dd3685331842ad913ea2622519536d9923104521a69e3e761fc2ee07e39fbc
d436caf347940b8f2326d6584f6b48e28eb889a964108ba508454bda21d0eb9e
d690786187fce6782d9d8fd0cbf3bb49dd2859084aea2e4c4507df3637686ac0
d72dc5366f3396ed9db2d11cee07244e9b7047965de411e0ec6550701fda7ce8
d76c12634c69fbabd3590fd2757c1986ac39068ceda738e24c37a9026c9f7811
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8a1a822a2c8438d8ccc563a8643d41c99813e0f1217f9a54e2e611007f4c671
da15f510f502b5bee7171f62d15bf0d730d0e7208878dcaba8a49046ea9a0242
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
df685fe7d21457a0d689223ab3352eb28c7be8a8c63c768471c4897f9f2903a0
e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8
e19cd1cd41972db5e35d5bbdcd8615c347c2dd470dfca4cd004196c7b1314bd9
e3860d168e75ce56cc25f9acaba89e7e287212d81a268f9da4cb24135bc9fe92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6555d0cd8ff3c66a3aed31e847dc2de95e328b539563b673d90cd04ca5e6825
e9ada260b447ba1e84e66a87a192b0765334b8af90be2753d4f405a08b9062f9
eadcb1af465be5c65d5eb94eaa2ddb5b9148bfb9aeff3246bc75b6744646e0f7
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec2fa925f14970a86e5fad6e49da81dc962052bf142175a111475bd7f6f032ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f1761ffcd267b14b9a9d3ae95e34958fea41fd067f2a59c800171a32965f4c72
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f2b22d7a3bac942849bf1b95f37153c89359ef0ed36db6bdc986bd466b241816
f4e409149efc9f5886d5196c4f98976b1e4f2d4f523ad480ce6393f7ec721dc6
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6bb60443b7589ce36d7fe7df1b34f7111709ec8bbc2fb561d67d725664034fe
f716e51a722e337c511181483abd9bc0d21b9b80a0ce1878949d691cf84fcbb2
f7a9975c89da2095ad937d9364d109d420bceea133109453fca2251c2302a9e3
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fa63125006170d55d40133a28ff3e8a8c64b38682caedfd633fa67433bd5b281
fc5a64108df764a984d50b3e3762749bf1807c5aee932a890d99547bfeee77de
fcf8f7255753307157b5a6a381e0680ca30a519ad76e8f647f2b544b3a0883a4
fdd198d7b71e5935bd501de8d205de866d0588f88addd373f9d153bd21aeff75
fed72901ca483968459068f26a7d91f7083f93551ca9cda4657796d7c91092d7
ffdc72e2b5ce6cbbc34744a79cfea66c6f43ff17cbb0b32715e8817d8422f0a2