vsim.ua Open in urlscan Pro
2606:4700:3035::6815:3aed Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vsim.ua/
Effective URL:
https://vsim.ua/
Submission: On July 04 via api (July 4th 2022, 7:49:22 am UTC) from GB — Scanned from GB

Summary HTTP 175 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 47 IPs in 9 countries across 29 domains to perform 175 HTTP transactions. The main IP is 2606:4700:3035::6815:3aed, located in United States and belongs to CLOUDFLARENET, US. The main domain is vsim.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2022. Valid for: a year.

This is the only time vsim.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	2606:4700:303... 2606:4700:3035::6815:3aed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::200d	15169 (GOOGLE) (GOOGLE)
3	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	31.41.216.82 31.41.216.82	42655 (BESTHOSTI...) (BESTHOSTING-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	35.214.184.209 35.214.184.209	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 6	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	66.102.1.155 66.102.1.155	15169 (GOOGLE) (GOOGLE)
1 2	54.246.237.93 54.246.237.93	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
6 8	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4 8	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223f:7c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	100.20.118.155 100.20.118.155	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e143	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.70 141.95.98.70	16276 (OVH) (OVH)
175	47

41 2606:4700:3035::6815:3aed (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vsim.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7daf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.41.216.82 (Ukraine)

ASN42655 (BESTHOSTING-AS, UA)
PTR: dedic.dc.besthosting.ua

tracker_beam.20minut.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.184.209 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 209.184.214.35.bc.googleusercontent.com

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.244 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.246 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.237.93 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-237-93.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.19.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:7c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 100.20.118.155 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-118-155.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e143 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	vsim.ua 1 redirects vsim.ua	943 KB
24	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	523 KB
23	googlesyndication.com 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	126 KB
23	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 bid.g.doubleclick.net — Cisco Umbrella Rank: 465 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	252 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 771 static.adsafeprotected.com — Cisco Umbrella Rank: 562 dt.adsafeprotected.com — Cisco Umbrella Rank: 481	94 KB
9	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 542 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608	8 KB
9	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5725 ghb.adtelligent.com — Cisco Umbrella Rank: 6305 ghb1.adtelligent.com — Cisco Umbrella Rank: 7431	154 KB
7	google.com accounts.google.com — Cisco Umbrella Rank: 116 ampcid.google.com — Cisco Umbrella Rank: 1722 region1.analytics.google.com — Cisco Umbrella Rank: 5133 adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	76 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	7 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	115 KB
3	google.de ampcid.google.de — Cisco Umbrella Rank: 48123 adservice.google.de — Cisco Umbrella Rank: 7751	1 KB
3	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 26513 id.gravitec.net — Cisco Umbrella Rank: 126561	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	111 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 944	38 KB
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 520	164 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 6853	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	315 B
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 53179 api.gravitec.media — Cisco Umbrella Rank: 41114	2 KB
2	20minut.ua tracker_beam.20minut.ua	135 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	115 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 550	614 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1291	63 KB
1	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 17930	374 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6442	169 B
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2765	501 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1355	39 KB
0	leokross.com Failed leokross.com Failed
175	29

	Domain	Requested by
41	vsim.ua	1 redirects vsim.ua
24	s0.2mdn.net	vsim.ua s0.2mdn.net 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
12	pagead2.googlesyndication.com	0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com vsim.ua bid.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	tpc.googlesyndication.com	0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	dt.adsafeprotected.com	0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
6	ib.adnxs.com	2 redirects player.adtelligent.com googleads.g.doubleclick.net
5	securepubads.g.doubleclick.net	vsim.ua securepubads.g.doubleclick.net
4	googleads4.g.doubleclick.net	vsim.ua
4	www.googletagservices.com	0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com fw.adsafeprotected.com
4	ghb.adtelligent.com	player.adtelligent.com
4	player.adtelligent.com	vsim.ua player.adtelligent.com
3	googleads.g.doubleclick.net	0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com vsim.ua
3	0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	connect.facebook.net	vsim.ua connect.facebook.net
3	unpkg.com	2 redirects vsim.ua
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	www.google.com	0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	pbjs.e-planning.net	1 redirects
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com
2	tracker_beam.20minut.ua	vsim.ua
2	www.googletagmanager.com	vsim.ua www.googletagmanager.com
2	www.google-analytics.com	vsim.ua www.google-analytics.com
2	cdn.gravitec.net	vsim.ua cdn.gravitec.net
1	id5-sync.com	player.adtelligent.com
1	code.createjs.com	s0.2mdn.net
1	static.adsafeprotected.com	0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	htlb.casalemedia.com	player.adtelligent.com
1	adtelligent-d.openx.net	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	www.google.co.uk
1	region1.analytics.google.com	www.googletagmanager.com
1	ampcid.google.de	www.google-analytics.com
1	api.gravitec.media	cdn.gravitec.media
1	ampcid.google.com	www.google-analytics.com
1	cdn.gravitec.media	cdn.gravitec.net
1	id.gravitec.net	cdn.gravitec.net
1	www.googleoptimize.com	vsim.ua
1	accounts.google.com	vsim.ua
0	leokross.com Failed	vsim.ua
175	49

This site contains links to these domains. Also see Links.

Domain
vn.20minut.ua
zt.20minut.ua
te.20minut.ua
kazatin.com
invite.viber.com
t.me
www.facebook.com
news.google.com
www.instagram.com
www.youtube.com
www.besthosting.ua
ua.depositphotos.com
www.eeas.europa.eu
www.irf.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-09` - `2023-06-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-12` - `2022-07-11`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
player.adtelligent.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.20minut.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-10-18`	a year	crt.sh
cdn.gravitec.media R3	`2022-05-23` - `2022-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
api.gravitec.media R3	`2022-06-15` - `2022-09-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-06` - `2022-09-04`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-09` - `2022-09-07`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://vsim.ua/
Frame ID: 6FFCFE0EE0E134EC6310626E866C4AC0
Requests: 85 HTTP requests in this frame

Frame: https://vsim.ua/site_login/iframe
Frame ID: 8DDDAB72AE4482340382FDE3A49C20FE
Requests: 7 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: E26F7064826FA661532388957C9E94F5
Requests: 1 HTTP requests in this frame

Frame: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 96C3C9771BB3CB3ADFF0607C71B92042
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6C66D8603C25EA2DB7B76B9F239FD197
Requests: 1 HTTP requests in this frame

Frame: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25FB140740A973B8FA578627D4736571
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ3VmscBMAE&v=APEucNVjG5R7DKy0Bgq9e1w4RG5ACyG-0qkPT5zQd05-0E1wBNnJthFS_LabpW-lBe_aqRUm-9jT7GBBPbzSxgZs3npOqp5oilcaHAqdPuzzE4q6spc8fu0hNakiFT6iO-kaGD6yC-8Zh9i_yTNICsP3at7YIxxNZs-j_6w82ijlUosMQGAfN-E
Frame ID: DF691132B104203AA740EDAEA2F2F0A0
Requests: 5 HTTP requests in this frame

Frame: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6EC28A595E73FEBEB95DCF3E4B52D338
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGKaYvcEBMAE&v=APEucNVWessP8KQUvpVEP9LzlvSGLW3duMFd5155tfK6WG8-oDIaeVEaaOwYiltnfM0j4f2cWggJSDQVC4slAov_1-SRNC1VDXkjxiPPgLb19rF41gyqpnTSn1-rl-02iCADL_yZAo-EazAnHKxRrfHgBcfiqezkFAA96OMcrps9SJ7o5Zwpgns
Frame ID: D8167E6ADF544C22971C10CC76B9D1D9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3ABB089A5BACA370CC8286F86B4E86BD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 825988C7DB8B5919CABDC1316D93CDB6
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E0D81A7C634152CB748A71E29CC56A31
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10555209917674437644/index.html
Frame ID: 7656CCEC2EAEA3592D70904AEFCBBEC3
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
Frame ID: 72DF42CF7DA00BC278A4FBDF17CCAA5D
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Всім - Новини Хмельницького

Page URL History Show full URLs

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

175
Requests

93 %
HTTPS

59 %
IPv6

29
Domains

49
Subdomains

47
IPs

9
Countries

2703 kB
Transfer

7650 kB
Size

27
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://vn.20minut.ua/
Title: Вінниця

Search URL Search Domain Scan URL

URL: https://zt.20minut.ua/
Title: Житомир

Search URL Search Domain Scan URL

URL: https://te.20minut.ua/
Title: Тернопіль

Search URL Search Domain Scan URL

URL: https://kazatin.com/
Title: Козятин

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQAlCG5A7vvn5UlcXTVOPYYe8%2BNbbSdYNqt%2FAkWqrcA8b94WcKGEqaRwpKqWVh9M

Search URL Search Domain Scan URL

URL: https://t.me/vsimnews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vsim.ua/

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMOzqjwswxLKjAw?hl=uk&gl=UA&ceid=UA%3Auk

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vsim_ka/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/%D0%86%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B2%D0%B8%D0%B4%D0%B0%D0%BD%D0%BD%D1%8F%D0%92%D0%A1%D0%86%D0%9C

Search URL Search Domain Scan URL

URL: http://www.besthosting.ua/

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/

Search URL Search Domain Scan URL

URL: https://www.eeas.europa.eu/delegations/ukraine_en

Search URL Search Domain Scan URL

URL: https://www.irf.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://unpkg.com/imask HTTP 302
https://unpkg.com/imask@6.4.2 HTTP 302
https://unpkg.com/imask@6.4.2/dist/imask.js

Request Chain 81

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.4745006438675212&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=e2aed882-bfda-4d0e-a889-54219c2e0e5d HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4745006438675212&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=e2aed882-bfda-4d0e-a889-54219c2e0e5d

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtWvf6Veswl1eOUweMf8Pg&google_cver=1

Request Chain 113

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsKbfQl2gDOnvIMc8Ci80QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHeXt9obh1Kl5ylL9PSIAoo&google_cver=1

Request Chain 115

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzk2ODM0MDI4NjYzMzQzMA%3D%3D

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsKbfbH1uNR0QRpzCL3JYQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED0LhM4eBdcSsHYdRpUQLLQ&google_cver=1

Request Chain 121

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzk2ODM0MDI4NjYzMzQzMA%3D%3D

Request Chain 128

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1005482/61968045/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:76d24cbe-4dec-a29b-d7fa-cecd5db411c7,c:hnMRc8,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-86c8d9dc9d-g7h6t,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:taBptXU+11%7C12%7C13%7C14*.1005482-61968045%7C141%7C142%7C151%7C152%7C16%7C17,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:ce97e2aa-fb6d-11ec-a0c1-06be961ae6bf,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js

Request Chain 172

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=SqRukHxncGVBdkZPMTQrMDdxYlJXQ2gvK3BtUmpMd3ZQQVdtbmY1Q3MwaHdIT2hPUWpBRk9vbmlHc1BMWTh4N1NKU2czZDAyY3pkbEI4aWhhMnZUa2lUd2QrdU1xVnpoWXpVMWNiRUNvaXZoWHBiTmxDZmxUNitTVERvTDRCWE9rZGExUVkxd1JlUHVRYUVpWGo1YmRnSzJ1eHpNWlJoQ0x3WTN1QXV6amRGT1VQNGNuZHVDekh3RjdsNE5GZ2poQ0JGRGdCRnRxdHNrc01RbFdsdmJKTkloTnI4dGRMNWhVOEFpd0pmQjVIU1dQVUNFPXw&cppv=2

175 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vsim.ua/
Redirect Chain

http://vsim.ua/
https://vsim.ua/

176 KB
37 KB

1263ms
1163ms

Document
text/html

2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6674a5264a5bfd679b6c8c69ef5b6075292361d0842bbcb57a772590e6640bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, s-maxage=30
cf-cache-status: DYNAMIC
cf-ray: 7256435b8f398892-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 07:49:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIUJm7CDVEuMMCS2lEneBGNgS6LG89GmMix2%2FZYnSekBhmFwb8Fh%2FS18LpCaeCZ5N%2B%2BOXXdCCmiSJmE%2F2TCt49OsIEtC%2BvNDT2mBLkV9MwuOGa6f1M9z%2FfLvFkOi5ardCGIjDfv4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 72564359cfca76bd-LHR
Connection: keep-alive
Content-Type: text/html
Date: Mon, 04 Jul 2022 07:49:14 GMT
Location: https://vsim.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07%2BqU9cn2hERfxu13yI%2F1UNc0tovM%2FhGYkQ%2BGrzT8G5F5UkHO4Bm622mqLCngNFAlcakxAkQOJGP1yPGHuDZs%2FIT8D8WTho7f%2FhQZEiBK%2BFWUWwoAnumPZSYmdNAPN9j3Z2grcTt"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 3831ad9.css
vsim.ua/css/ 629 KB
98 KB 70ms
69ms Stylesheet
text/css 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/3831ad9.css?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c09765834b837729cdca7d9fb46cf11c6d86920927f8102cdc485c2c1aaf415

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78998
cf-polished: origSize=646145
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 10:15:37 GMT
server: cloudflare
etag: W/"62bad4c9-9dc01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BdUn14KWH29DZCdg8K9DA18lQ1eccHhSq1722rZP27%2BxHF7wZ9vH05AD%2FBLFP9W%2F614FjalDEwOHVgaTGi2jmI7lEf9iksPM7Rr7YW9AIAAxbJ2WTQ%2Fio5mh1uKF%2FrSzhtl4Zb1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 725643634dc88892-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/ 43 KB
15 KB 117ms
116ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1656907200
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b1039371300c82aebdd55114bc5d1a49a19f5b2b0ae25dff3dc0c90acc9073

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vj3DtorOtYg%2Bso%2Bt4oiEiw%2Bz6%2BVeYayg6V2ezkjSYlkeP231AQfOMap%2BKpMtttnHk9gPWdzrh%2FtPc424SdE%2BDY81sQ22YXaKTdgCAcsVSS3zIeGhfU%2B3xXEfqZ%2BGg%2F53Amu3obll"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 725643634dca8892-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Logo_new_vsim_v8.png
vsim.ua/img/ 5 KB
5 KB 100ms
97ms Image
image/png 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/Logo_new_vsim_v8.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78998
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4716
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-126c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vez%2Be5GGxi7CTqqMzkJzUZuU2IGyTJV%2FdImBDPLHlhc%2FR8PJcPwVNEqSTfPxhFyIBJzxQdvihsKodyhJ4iDc%2B1e5cnhSFVnxyL1fvBr5RqwIb1qW9Fx0s9oi%2BS%2B6yQ0QYAHU6ARS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 725643636e0e8892-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 news_today.svg
vsim.ua/html/20min-page/web/img/icon-title/ 1 KB
1011 B 100ms
97ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/news_today.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 5719
etag: W/"5e4d36b2-467"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FnIC5uIjbJrF4C5z1mO0Ak5jnKYiPYVKiUBaoRibcuapX6flHCwwTlbH9H6YGYBUYXf%2FaDDBPlazIprLDJWqgt7C%2B7YRZ9wI%2FOXgkgrQ0fRWOZvzl%2FH8a8PwglUFh%2FDcZmudQxt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 725643636e0f8892-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg
vsim.ua/img/cache/reference/panel_link/0026/31/ 4 KB
4 KB 101ms
98ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0026/31/8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg?hash=2022-02-25-14-28-31
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3623
last-modified: Fri, 25 Feb 2022 12:28:56 GMT
server: cloudflare
etag: "6218cb88-e27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUSzeMxiz%2FypZchPh7kLCHUVi%2BVREHxp%2BDmp2jJjt3wSRt4%2BwqrRxye8y9FaW1ngu3EIzXiOMbFb7%2FDw48BghdXiWO6qd%2FJG0rd2a2SPvFvuBUgyh7C%2FBKV3q3L6Z0Yx4%2BRuQI9i"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 725643636e138892-LHR

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
768 B 100ms
97ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78997
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYQBpfHgx8WqYOC7CTDmCkAZNPZ19dpzndgYwEKz9TSFFPzSsjijhJOZVE5Xhpd%2Bn3RmouQ%2BVZdmdo%2Bmd36fVHuivcuynO96iDFrtKwUsmIyVL40LpkveRf42L00w58qNyCy%2B7zu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 725643636e168892-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Often_comment.svg
vsim.ua/html/20min-page/web/img/icon-title/ 929 B
842 B 99ms
96ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/Often_comment.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 365
etag: W/"5e4d36b2-3a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgQ6Su3cmHq96sZGTd7Ebr7UIO2GM5cmaDC5KE3rjnprDnOKedpTYvoY1xOmOKLG7pFIiTMt54NVNzhAvS3v8v0v%2BKFjzeBUH0yql0h%2Fqg0Zw6wHOLlEJ0CUdkPhmyBezQCdwfWG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 725643636e178892-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
571 B 101ms
99ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78995
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx%2Fn6fdm0DwOl69OAolno0v6p7%2FlaEBBQdjkmO5Yw3PM%2FscRJ3MCZZzvWxGxSLNXN7YzsHp4FYzE%2BK%2F49FEaQvB9NXpCDCK%2FdHgQSTbqf9xi2l0Gqgtyb7DOiHUeTIws%2B5eg352w"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 725643636e188892-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Newslater.svg
vsim.ua/bundles/twentyminutuamain/img/icon-title/ 766 B
833 B 100ms
98ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/icon-title/Newslater.svg?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5575
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: W/"5e4d36b1-2fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQCmovJL0htVMMNF77Q0SK0%2FY7rHAaP2N5UtA3NB%2F4CjcOvhRsWYE5U72pZ4i%2FLN3a9aswpfpQB9%2FcOW8WikAERcrozvxw%2FPTerQFl%2FBN0lnQTbq1XkyBOcp2W%2Bux6mRpnQgzsej"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 725643636e198892-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 04757c045656223f79bdfdb8cb09896f9b1eaf03.png
vsim.ua/img/cache/reference/rubric_partner/0021/76/ 8 KB
9 KB 102ms
99ms Image
image/png 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/rubric_partner/0021/76/04757c045656223f79bdfdb8cb09896f9b1eaf03.png?hash=2021-01-22-11-59-23
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8206
last-modified: Mon, 14 Feb 2022 16:26:41 GMT
server: cloudflare
etag: "620a82c1-200e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO7QEGbtF9HVmD0EHF9dRMXg9BOCB5GGfLQRzMn0HhZ0y%2BWtPiFXdiGnzBQiDI5IFhOVvN0sYPyqoe4Xmu9ep8GeF8Hhv7cVD6jGnYPIlVdWY3BLc0BCsuZEsbjq7J6%2FkLAfAWth"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72564363aeaa8892-LHR

GET
H2 200 EU_hor.png
vsim.ua/html/20min-page/web/img/ 77 KB
77 KB 111ms
109ms Image
image/png 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/EU_hor.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78988
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78494
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: cloudflare
etag: "6268eb99-1329e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqcdUiF5p%2BBUNIxWD1teSi1at13oi4qDSuB1EHyyOGi1WQ9M69jMdvfALtNloui7Q8pSqnFF72Z4YndIaZbPLxhMVPgesSh84IAJM%2BtQ5NlwNymPihN3GUClQ6JdU0BM5lcmClvX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72564363aeab8892-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
vsim.ua/html/20min-page/web/img/ 13 KB
14 KB 107ms
105ms Image
image/png 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13734
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: cloudflare
etag: "6268eb99-35a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az8xIZQCOAu%2BUO4MtsXqfQ1TPRyp%2BZ4M8xh%2BU1Dyvu4vHPe4bb8WfAJ5N7g5niMXLeTK3w9TCAOb6n9MPzKOXpgDMtkRcwHYCW77prVm4P1fwyDBNHNp9vaIccTjZFNQzosR%2FGFI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72564363aeac8892-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Push_notifacation.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 102ms
100ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Push_notifacation.svg?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6711
etag: W/"5e4d36b2-75a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vo%2BvaLh%2FiwosenaqFoUCcKw9IsgYIxTV3iZvXC6hLutuPQRY9cC1mXi7iKxG6anw%2F4OqBjrDPil1kWjVw0wyLrydpycrnJDdrEGbv805zcbHfMltiB5hhf96R1xsUgE%2Balx97ocY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72564363aeaf8892-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Instagram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 157ms
155ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Instagram.svg?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6711
etag: W/"5e4d36b2-884"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24GDZk5EqpuNmuxFq9on1ZhmpfdOAtTLj8Fy4bHi2%2BsmQwD2kUT9Zi%2BUXIDrt7XD0v2IYUFdgAJalR%2FYYYSmA9HEXdf4UM648CvkCRComrOpdx7uUfL0KZ5k4Xz5DrZc65x7pyoR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72564363aeb08892-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Email.svg
vsim.ua/html/20min-page/web/img/sub_image/ 3 KB
1 KB 114ms
112ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Email.svg?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6711
etag: W/"5e4d36b2-aa0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUTP9MiJWmNoYjx5rA81xLxQMVp5Bfl4%2BYRjhDpl9xoxt7CD7t%2FQLskdPssU5P5iug%2F%2Bt7Rg2hi5Na3uv0wzmi%2BQewK0y9r4AnOo0sa7iWA3tSpnGfdDpzD%2FHcyVTikm9RpSMhoE"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72564363aeb18892-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Telegram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 156ms
154ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Telegram.svg?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6711
etag: W/"5e4d36b2-7c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bNRJe9c1mZRdYgJO9k1vKB9FIbVj6wokLZfqNufftBjU5Uj5Stm8XGaF%2Fhq0k%2BsKVYfLtW%2B48a7SU4YrPxUV52Lf8rwtCGfH2Oa2iUpoI%2F8GmFBAacQyKJRK1nDZ0gXzYs0YcC2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72564363aeb28892-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Viber.svg
vsim.ua/html/20min-page/web/img/sub_image/ 4 KB
2 KB 156ms
155ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Viber.svg?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6711
etag: W/"5e4d36b2-1132"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOpddmKq35S4WdGEY3VOhFCR0cKVa8Rj5aGMSydLxNgbLQM37NA5vLehk2bdpcajdqQiXeQeu2c%2BSRBGI5KbkT1HLxZK1oGUZxVKYu6C78ZWK1AH9fgzKhfLrFEbhyz2RZoRGwx3"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72564363aeb48892-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 GN.svg
vsim.ua/html/20min-page/web/img/sub_image/ 5 KB
3 KB 113ms
112ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/GN.svg?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6711
etag: W/"5e4d36b2-145a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HICHG0wCiKTrRBcef1tsQHsWUQedtG8B4kxsvtaN48G1KNdKdwnboZ%2BMofLGwO4oWWr5CPt%2B52JMtDr0dpv2t7XDZJZBSS%2BS6MOHEJhIJwN2A7nzJtKDnsF6LGN3QOD3XpxgdACh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72564363aeb68892-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
vsim.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 99ms
96ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 11:19:50 GMT
server: cloudflare
etag: W/"62bd86d6-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIC%2BLKLC4uTIPLsOoFOKrKVd9h1bYsaRSU45mEmcHNjqyLBXjFeVlRsQxsCb%2BLiF0Vr%2Fu98M0Voz7D29%2BK6sZbk3tdtXfE%2Fj1T9ebLIiRLnb8WT%2F01QqkJdTPnrRarbz94wgNqgI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 725643636e0c8892-LHR
vary: Accept-Encoding
expires: Wed, 06 Jul 2022 07:49:15 GMT

GET
H2 200 rocket-loader.min.js Show response
vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 100ms
99ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 11:19:50 GMT
server: cloudflare
etag: W/"62bd86d6-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZHQmwHRXif6CKgmAWqiFvpINyBgFTrSDZy3O5InCpfW53ZGZFve4cQmIi3qYh9l6o9jDhQyO65QzVMqtTfvXVc1ZzcbqDm9DMplzg%2FiI%2FXkySXe8hVGLolMWbkFE2vuDgT5XKrr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72564363aeba8892-LHR
vary: Accept-Encoding
expires: Wed, 06 Jul 2022 07:49:15 GMT

GET
H2 200 iframe Show response
vsim.ua/site_login/ Frame 8DDD 6 KB
2 KB 496ms
496ms Document
text/html 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/iframe
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4974ffef2715fc94144d9e0ae396e59d6c2e43360a91dd878257ca982abb75f2

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 72564363aebb8892-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 07:49:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLSWd6pEWkrVd6okuLjBNd6ysDs0nGE%2BD0HTtKjhuPEw9SJyhxgXJ%2FByPc4O0hpOmUBZcPCwkbDnLTqP%2F7Irbj8U2Pwhpwo9UWGMqdpiaR2aLZOR3LHN4ywKOGzVvbGHjtmVS5eB"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

GET
H3 200 viber-f.svg
vsim.ua/bundles/twentyminutuamain/img/ 3 KB
2 KB 312ms
312ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/viber-f.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?5ee17681
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?5ee17681
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: W/"5e4d36b1-bff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDBKdA5M06mjkIW%2FqBG3Uk7%2F%2BE2748VDl5P%2BTG9BHaBarwupB6ahm4Okuwvuw%2FEeXExA5L%2Fm%2Bnx3%2FdzJzl%2FNmHKZcaUKG6z36C9pICfmf%2Bxhp6%2Beoo3LN%2FVTTTgafxq9LvRZ%2BodE"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 725643644ffc7762-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 g_n_icon.svg
vsim.ua/bundles/twentyminutuamain/img/ 1 KB
1 KB 108ms
108ms Image
image/svg+xml 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/g_n_icon.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?5ee17681
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?5ee17681
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5574
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: W/"5e4d36b1-478"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCOGgnCRsyq9LGXS7nJBQ%2F4ICJo20CTEUlXC1PjiAgzeX2NsxsqwXJZk%2BFHhxGoXD8y5b0xGrFb0Ywi0NcXM%2B39DEBDKKsGh8pYOuQWc0kQJy7PWjGBz7zqc2JYU1%2BcSVy4%2BHMUt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 725643644ffe7762-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 telegram-f.png
vsim.ua/bundles/twentyminutuamain/img/ 548 B
1 KB 294ms
294ms Image
image/png 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/telegram-f.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?5ee17681
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?5ee17681
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 548
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-224"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=up6n4uM7J5RXXAhKHOrtUEvz0De0%2BVi9UftyThgNEik7VZ00ahuE85pcDxSOOw%2BK5YoR7jg1wC7HiwN8wzvnQn7Qasnk9CTNUFe7%2ByE6DrSe6mpfqcz4h4LUlaBCZpnFEHhRrOhI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7256436448017762-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 70 KB
71 KB 59ms
59ms Font
font/woff2 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?5ee17681
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://vsim.ua/css/3831ad9.css?5ee17681
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78989
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-118d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iNdqgV4ElZp%2F2iLvMDVJ83D5R%2FyW9Ck5P2pK4PcjA1FVWD9uSvn9nEUYGnOOIc4U%2BO14MakSGsJsNL59FYxP2WlbxxvgLr0fGiXxrKKibLej1sLuEefEgZ9iI5FzJTHrutOOqhY"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72564364580c7762-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 MaterialIcons-Regular.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 43 KB
44 KB 153ms
153ms Font
font/woff2 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/MaterialIcons-Regular.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?5ee17681
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer: https://vsim.ua/css/3831ad9.css?5ee17681
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78988
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44300
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-ad0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fR6T982XMAUxAK1O6Tja9nlmFT5yOgu%2Fy6NA1ntHYyU0fJLVLEoJlI8SiLef90boNUGRwD8o3IVK6ntesMVWgiGV88RmkiALl0LCg%2Fpk%2FBLKfH%2FotP9aFMrRaXd50JuaZMBO%2BQ4V"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72564364580d7762-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET aGeq.js
leokross.com/vAW/ 0
0

GET
H3 200 0728b5d.js Show response
vsim.ua/js/ 879 KB
246 KB 114ms
113ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/0728b5d.js?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 359793ee46fbdf7a9782612719c4a08dbc83704fa3f2326e5b4d9eebb6fd9ba0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78977
cf-polished: origSize=900004
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 10:15:31 GMT
server: cloudflare
etag: W/"62bad4c3-dbba4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6M3EhPlX372CglNtTKNZ9mTSgP9tOjtYnZn%2BuoO1p6NHmm6lrt7rLgT1Kgaaw91WDqwEbJ0ZvNChi8gYw3KJWak7%2BJxB1NNK99bmzAHJmLUD%2FHEI5PVf1TA2gPUXNuVUeTFG4qAC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 72564364c8bf7762-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

imask.js Show response
unpkg.com/imask@6.4.2/dist/
Redirect Chain

https://unpkg.com/imask
https://unpkg.com/imask@6.4.2
https://unpkg.com/imask@6.4.2/dist/imask.js

166 KB
38 KB

62ms
62ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/imask@6.4.2/dist/imask.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8fad7ea6d56c85bc473f0091aa9870e4a7db6609c037eac826ed00c68ea3fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12518265
fly-request-id: 01FVF0KJKRYS01R3X0C6T0GEMS
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"297db-B/zbN+2crPCo1IRXSpVqEqQx/1k"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 725643664ad97447-LHR

Redirect headers

date: Mon, 04 Jul 2022 07:49:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FVF0YMCJAATR9FJZBYAY0BNZ
server: cloudflare
age: 12517903
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /imask@6.4.2/dist/imask.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 72564365ea517447-LHR
access-control-allow-origin: *

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 172ms
57ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d30de7cd63dc0149edcef088e0682c3d9846240c6f5d7015049273d840211c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: qGWntXmA0m01pnUFO5LXNw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: gTW+TdgG0IWGdxdlbXGdQNp9dcJzdncCYlRDKTZJpT3g7SnojIdUyhwFR/4NMxwDBeR7QuHLMnSlKnoUXU8KQA==
x-fb-trip-id: 917726464
x-fb-content-md5: ec9ebe0e02c6dbbda74e8aeb47d1938f
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 07:49:15 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e457c7b036014acdbb9b3a233a4d2c28"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 04 Jul 2022 07:55:24 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 186 KB
74 KB 217ms
90ms Script
application/javascript 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

364f1071fc95b34e41d1e1438b6d4fc09eb04f4012367dca693aff23eb9d3682

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ja06Bj5SZN7B0seaSKT3wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-Ja06Bj5SZN7B0seaSKT3wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 04 Jul 2022 07:49:15 GMT

GET
H3 200 ed8d0db.js Show response
vsim.ua/js/ 95 KB
35 KB 210ms
209ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/ed8d0db.js?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78977
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 10:15:38 GMT
server: cloudflare
etag: W/"62bad4ca-17b3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxGCqI3S6JMdLA0NcnZ8aQil66qddXxs1JCvj9NeGzoQ1w6g4XI5bsK3gp%2BmWaHsw8xUoDwf2%2F%2Breth5t7qKH5cDfyM2JVDQVJF7wUIArRsddq060R7nLbm%2FkYTfq6T%2Fh%2BiMlLd%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 72564364d8c37762-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/ 64 KB
18 KB 246ms
113ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 09:11:37 GMT
server: nginx
etag: W/"624c07c9-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 05 Apr 2022 09:14:07 GMT
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 101 KB
39 KB 194ms
63ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NWSHLFG

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

474613e4fcf690ca5f1f6f8710dcebefbed470ae5b2a40178942ca6659532023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39629
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 07:49:15 GMT

GET
H3 200 fc40332.css
vsim.ua/css/ Frame 8DDD 177 KB
31 KB 67ms
66ms Stylesheet
text/css 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/fc40332.css?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3151eb02230f6f505658b2df91cb14159810f9e4a083ce21920b76297a7989

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78996
cf-polished: origSize=181636
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 10:14:14 GMT
server: cloudflare
etag: W/"62bad476-2c584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnNb9SNzlP6yZH6dHM7caHjDlIgNlFXpguW0izOoJnn2xtzTCI6QQfArN4kNP2ynfHUHdzGkLEA%2FqggJGDK77JO%2F4jqEFIwW92nb%2B%2B92%2BocUN72bHGBXgZ4I44%2Bj8WR45Q3VTUC%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 72564366ac227762-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame 8DDD 46 KB
16 KB 70ms
68ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1656907200
Requested by: Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af887587cd5d30d70b1741dc611e40eeb175babdbdcffaa98af0e85145368e69

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNI5hR2hnDgPqnyBWexViUC2T0ev1vvxYsEfR0C2DWe1LkuIj9qQkCcS%2FAPHifDVj2fvc0CGO1Dc1JIVNNG%2FUbguWUkXlmZNxVetIrS246LRkyBekZWo7aJbZyGk4eRac9JYO1Mz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 72564366ac237762-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 rocket-loader.min.js Show response
vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 8DDD 12 KB
4 KB 65ms
64ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/site_login/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 11:19:50 GMT
server: cloudflare
etag: W/"62bd86d6-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHlVHGnAWvDW4j9QbjsIDYReN3XZ0Ff9VwW7YKk%2Fcf92En74oTySrZrWLdMEpwJ0WOw%2BRF4RTsHfsDczMZapw%2BvkrvG808xckYKPl8%2BS49s33kHifWDSlCOSz%2FMyriK8VayuSm5E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72564366ac247762-LHR
vary: Accept-Encoding
expires: Wed, 06 Jul 2022 07:49:15 GMT

GET
H3 200 dba7e9c.js Show response
vsim.ua/js/ Frame 8DDD 246 KB
73 KB 58ms
58ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/dba7e9c.js?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbd991c12551f95524a9ca44db10706d942e698b9ef56d6111fe568c5cf193ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78996
cf-polished: origSize=251457
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 10:14:20 GMT
server: cloudflare
etag: W/"62bad47c-3d641"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fkrua9L2UexK6I5biICyNHRcZP3e%2Bkp%2BDDGxQT0le8byOHz8xUNRxsihYv7m%2F2uwlCMxQO35qxd0K%2B7WRcHt%2Fr2GbsfVYqdYALa7xm1nRGfuYjxliPo3o1ryBqJ%2BXwYewk6UOWht"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 725643672cdf7762-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/460255/ 385 KB
118 KB 187ms
56ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2973ed089940b9f773dae37e3f3da020dedeb524637eeee71d6284ab54175a9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 11:13:31 GMT
server: nginx
etag: W/"62bd855b-6023a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 06 Jul 2022 07:49:16 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 194ms
62ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

dc7af18db76dbac94742104e73bc6d2c28d57617b2e8259717eb7f5f337e3352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28045
x-xss-protection: 0
server: sffe
etag: "1263 / 723 of 1000 / last-modified: 1656713226"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Jul 2022 07:49:16 GMT

GET
H2 200 wrapper_hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/460255/ 786 B
744 B 329ms
198ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/460255/wrapper_hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: aef231caad9876f19aba7e2abc99353c2a2f45b4fee982fd2ca7edc59978a8f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
last-modified: Sat, 02 Jul 2022 19:55:17 GMT
server: nginx
etag: W/"62c0a2a5-312"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 06 Jul 2022 07:49:16 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 5 KB
1 KB 189ms
73ms Fetch
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=d9345397765ace7e36f5036f718db82e
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
x-correlation-id: d7f008c97e51537b3032357e939f1322
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: MISS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 173ms
53ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2667
date: Mon, 04 Jul 2022 07:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Jul 2022 09:04:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
46 KB 182ms
63ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9afc63e1f6971e98c7c718f07b5232ff5dc83f25defea565f81db8e6dc65232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46741
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 07:49:16 GMT

GET
H3 200 remplib.js Show response
vsim.ua/bundles/twentyminutuapaywall/js/ 93 KB
32 KB 56ms
56ms Script
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?5ee17681
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30015300955352764840758227634ade8cc98299ccadc46cf9f3f6681385a756

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78962
cf-polished: origSize=197222
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Sep 2021 08:36:22 GMT
server: cloudflare
etag: W/"613b1906-30266"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CW3bZzV91eljQRTQTBpdhP%2B2fgkRNFTgiRWmOlVFv0FG1CVTWg8j6jfeAer8A%2BWoo3KOSxZxSfwKNgWlwZAZjJQ0XZ9hPI4cfnwioGJ5UWDpryB7fn1skvyuy360aewQaAC3qq90"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 725643674d027762-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 113ms
55ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: +0RM2DN95MOOh6Q9zT2n+70Lw7o0gV82CRc+lWPzY5nWK/vjos/Vic0uw37/uWLMV3r7DOcZ+0CUuOSw9X1ugA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 07:49:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 c4a1674f27059b8677faace1b0e4790d7adbd1ec.webp
vsim.ua/img/cache/news_rtp_large/news/0028/13/ 26 KB
27 KB 405ms
404ms Image
image/webp 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0028/13/c4a1674f27059b8677faace1b0e4790d7adbd1ec.webp?hash=2022-07-03-14-00-19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b967236d04ad2019b6f85ab11bf984bc483742c109b4004a9146fbb77cd3ba05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Jul 2022 14:39:17 GMT
server: cloudflare
etag: "62c1aa15-69c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UudG%2B0x5cE8xJF0s4x%2BREGk396IRkLIkd92NQR2%2Bvhw7N4lwanXbiPR%2BxMCfr9zUVvjVbGL6oM0lqKcKciAmA5N%2FUgrme3BJEGViKgGFIK%2BT%2Fa2laRtT1S4emFT%2Ff31Ap9hPZWur"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 725643679d8a7762-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27074

GET
H3 200 94cdf23a890930874227321058ef12f5a988befa.webp
vsim.ua/img/cache/news_rtp_large/news/0028/13/ 34 KB
35 KB 52ms
51ms Image
image/webp 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0028/13/94cdf23a890930874227321058ef12f5a988befa.webp?hash=2022-07-03-17-29-50
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44312ae785ffc6912382dd05d05ffc148624b01b08f3a5b58807de53d77fc44

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5574
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34834
last-modified: Sun, 03 Jul 2022 14:39:17 GMT
server: cloudflare
etag: "62c1aa15-8812"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDVGtu%2B1n1P4Brfedw8TyzOF4QI48Ag2wCu1GKujWPUStOD%2B0cGsWBNFUWq2ovF2Q82Ki5pbVQU8KUrG7TBtUhhoG%2BxZKtPVBszka0MdA7o8NbX4O1mUkiWRtvdN2C4VT3Y6GQjk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 725643679d8e7762-LHR

GET
H3 200 2711119-pid-lisichanskom-zaginuv-volodimir-sova-lisovets-z-yarmolinets-foto.jpeg
vsim.ua/img/cache/news_rtp_large/news/0028/12/ 18 KB
19 KB 272ms
272ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0028/12/2711119-pid-lisichanskom-zaginuv-volodimir-sova-lisovets-z-yarmolinets-foto.jpeg?hash=2022-07-02-16-04-20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be907fa5f12c4ae1cd2c268fb2b7e08dcdb7de2e5329c86fb13ba647647e8f44

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 02 Jul 2022 13:19:51 GMT
server: cloudflare
etag: "62c045f7-48b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYWMvnjWsLSCt2fFoBAA8j6UkLD1vb04Nb4jbPRyQn5FJV9GdLnB78MacdPkHVmA%2BG1gd5IeNWH5MN8fsKkKvgfW23zwGVjFH4EO3Bk7gZnSElrcMhgISok%2FwbaqisFp621YSkAI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 725643679d907762-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18613

GET
H3 200 2711891-mamochki-perekriyut-zayizd-u-simchishina-prosyat-zaboroniti-elektrosamokati-na-ozerniy.jpeg
vsim.ua/img/cache/news_rtp_large/news/0028/12/ 17 KB
17 KB 274ms
273ms Image
image/jpeg 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0028/12/2711891-mamochki-perekriyut-zayizd-u-simchishina-prosyat-zaboroniti-elektrosamokati-na-ozerniy.jpeg?hash=2022-07-03-17-55-35
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9311521ffa7cd856efa2bb5765a1ec07dba345a7f6ad47e165de317a57d0ce7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Jul 2022 11:24:54 GMT
server: cloudflare
etag: "62c17c86-42ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5Ko9ynaKzU6%2FlUxoiUOnxAtGp8J4rJkGIx%2BKh4Ub0QwxJ8pHBnJ2E%2BvPO%2BcleRDwZqdjYrqeB8m3KseTdMEoFPdX6hhaQXUAoFmE5i%2BgLPO34MG%2FnPEiz5ehyDI0uuH4%2FfbKNU%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 725643679d917762-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17134

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame 8DDD 22 KB
8 KB 56ms
56ms Other
application/javascript 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480189e99d25834e42169286716e9050ae34d2f09f0fe03425ec6911fed89e60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmhE362n5r4euKfXLBscL%2FmR1%2FM6TMjzxTm%2BPISPLFcHdOZdfFmQLPhHXkxbicrlmJTuZrZpyKotuNPa7lI11ns7Qiy6qN%2BGMziXTR%2BPXSAk8i9%2B%2B36UzUphxTyrgK9tISyiCyvV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 72564367bdcb7762-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 506134916849111 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 251ms
250ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/506134916849111?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f5737160f8a1f843e9d9e9f3fa4cf1e1b1484902ad0607b450031c4f83bcaaf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ib3spr9zp2pN9qOvnXqCmx87I9dNtTo8pnmalGb2YlGKY60b4rnQyJDFaS2PPx8bNiz/53mSEDATM6txeTdbeg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 07:49:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656920956419
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
id.gravitec.net/ Frame E26F 621 B
698 B 183ms
53ms Document
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 04 Jul 2022 07:49:16 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AcO1rgVDzIn/sckJAg
x-77-nzt-ray: 841jY3h4Lg8
x-77-pop: frankfurtDE
x-accel-expires: @1938085067
x-age: 34195889
x-cache: HIT

OPTIONS
H2 200 pageview
tracker_beam.20minut.ua/track/ Frame 0
0 279ms
93ms Preflight 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://vsim.ua
access-control-max-age: 3600
content-length: 0
date: Mon, 04 Jul 2022 07:49:16 GMT
server: nginx/1.16.1

POST
H2 202 pageview Show response
tracker_beam.20minut.ua/track/ 0
135 B 90ms
89ms XHR
text/plain 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Requested by: Host: vsim.ua
URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?5ee17681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 04 Jul 2022 07:49:16 GMT
access-control-allow-credentials: false
server: nginx/1.16.1
content-length: 0
access-control-max-age: 3600

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 178ms
56ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 02 Oct 2022 07:49:16 GMT
cache-control: max-age=7776000
x-proxy-cache: HIT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
526 B 201ms
61ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vsim.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3 200 pubads_impl_2022062901.js Show response
securepubads.g.doubleclick.net/gpt/ 374 KB
128 KB 169ms
56ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

087afccd6c529e8c66aaec7f26a26ede8a95bb869d3441fbfe53057022f84488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 01:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130855
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 08:34:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jul 2023 01:44:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 104 B
115 B 174ms
63ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Mon, 04 Jul 2022 07:49:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 179ms
69ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97af4af601bb73135434b5741f31acedbd9906ecf6a142532ae975e2ad60ccdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70526
x-xss-protection: 0
expires: Mon, 04 Jul 2022 07:49:16 GMT

GET
H2 200 hbw_master_306660_6693.js Show response
player.adtelligent.com/prebidlink/460255/ 188 KB
32 KB 65ms
65ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/460255/hbw_master_306660_6693.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/wrapper_hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f5b84e517af23750b86db72413847bbded528860976c4b4b3ceeb83aa5e99ea6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
last-modified: Sat, 02 Jul 2022 19:55:17 GMT
server: nginx
etag: W/"62c0a2a5-2ef9f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 06 Jul 2022 07:49:16 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 197ms
68ms Fetch 35.214.184.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=d9345397765ace7e36f5036f718db82e&user_id=29221e88-27e9-43d2-9e00-d88ddf96ad57&utmb=8ac6c88d-f830-477c-8d2f-a45ed3f3ed24&path=https%3A%2F%2Fvsim.ua%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.214.184.209 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

209.184.214.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:16 GMT
x-correlation-id: 329297ad412dd2eb57dbc6a11390afaa
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
expires: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
455 B 211ms
61ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vsim.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 134 B
397 B 173ms
43ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 9a4ef8dc360c1ac8531ecfd1e484b03dcbeaff0db74222f9460321c5fcc1f4c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 07:49:15 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 134

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
424 B 174ms
44ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=306660&site_id=6693&full_page_url=https%3A%2F%2Fvsim.ua%2F&adid=6fygbn.i&features=16416&vpbv=N066&lifecycle_tte=2646
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 07:49:15 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

POST
H3 200 72564363aebb8892 Show response
vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 8DDD 2 B
706 B 65ms
63ms XHR
text/plain 2606:4700:3035::6815:3aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/72564363aebb8892
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1656907200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://vsim.ua/site_login/iframe
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySmm8rdTrjoK03UokEHiZ5%2BCiBwSOttIsUhLLUGmEJ3PtvKqFtzj1Oq5NyO6cBK12ID3kgnPwZIs0HjNiefT1MfQXrbYf%2F5MI5LeRzu3IlWryBGI4JdDoEEJRjqil9JpZGSSTQtJ"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7256436b5ca97762-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 176ms
62ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=928179083&t=pageview&_s=1&dl=https%3A%2F%2Fvsim.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCAC~&jid=31807023&gjid=1229763071&cid=1509110726.1656920957&tid=UA-43975937-2&_gid=725708540.1656920957&_r=1&_slc=1&cd1=NotAuthorizedUser&z=390877953

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 169ms
56ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=506134916849111&ev=PageView&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1656920956706&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1656920956705.2011766573&it=1656920956194&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 04 Jul 2022 07:49:16 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
341 B 195ms
61ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0CS1NTGGLB&gtm=2oe6t0&_p=928179083&_z=ccd.v9B&_gaz=1&cid=1509110726.1656920957&ul=en-us&sr=1600x1200&_s=1&sid=1656920956&sct=1&seg=0&dl=https%3A%2F%2Fvsim.ua%2F&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
341 B 174ms
56ms Ping
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0CS1NTGGLB&cid=1509110726.1656920957&gtm=2oe6t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 202ms
79ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0CS1NTGGLB&cid=1509110726.1656920957&gtm=2oe6t0&aip=1&z=1352533220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/306633/ 2 KB
1 KB 175ms
59ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/306633/config.json?cb=https%3A%2F%2Fvsim.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 597edf23911b6aa17adf7d12922291752f54044cac6e16ba005f5b6481ca43ce

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
last-modified: Sat, 02 Jul 2022 00:02:19 GMT
server: nginx
etag: W/"62bf8b0b-8ee"
content-type: application/json
access-control-allow-origin: https://vsim.ua
expires: Wed, 06 Jul 2022 07:49:16 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 182ms
62ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 182ms
63ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 642ms
641ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3521594696253320&correlator=3583977766501769&eid=31068295%2C31064226%2C42531605%2C42531608&output=ldjh&gdfp_req=1&vrg=2022062901&ptt=17&impl=fifs&iu_parts=45035109%2Cvsim_main_(300x250)&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x400&ifi=1&adks=978356717&sfv=1-0-38&ecs=20220704&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1656920956763&lmt=1656920956&dlt=1656920955378&idt=1353&biw=1600&bih=1200&adxs=1092&adys=228&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1509110726.1656920957&ga_sid=1656920957&ga_hid=928179083&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

fa87983e1b443a19e20422d823c6c5965a27cea671a6d29658aed7e7a35c6f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10393
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 96C3 6 KB
4 KB 227ms
62ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 07:49:16 GMT
expires: Tue, 04 Jul 2023 07:49:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
169 B 160ms
54ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 04 Jul 2022 07:49:16 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
374 B 215ms
79ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fvsim.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a4402fad-39bc-4134-9434-86a8bf2a1869%2C58328202-26fb-4c0e-b1d6-32e7105e78a9%2C4f1951c4-a9f1-4baf-b01b-87c006f79ea0&nocache=1656920956793&pubcid=e2aed882-bfda-4d0e-a889-54219c2e0e5d&schain=1.0%2C1!adtelligent.com%2C306660%2C1%2C%2C%2C&aus=1200x250%2C1200x400%7C1200x250%2C1200x400%7C1200x250%2C1200x400&divids=div-gpt-ad-1632837984961-0%2Cdiv-gpt-ad-1632838225160-0%2Cdiv-gpt-ad-1632838267602-0&aucs=%252F45035109%252F20minut_news8(1200x250)%2523div-gpt-ad-1632837984961-0%2C%252F45035109%252F20minut_news9(1200x250)%2523div-gpt-ad-1632838225160-0%2C%252F45035109%252F20minut_news10(1200x250)%2523div-gpt-ad-1632838267602-0&auid=541177132%2C541177132%2C541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: da00dad1dfa8a349f002e647b3c7184d8600dcad707b5f3d776fac173fdb230d

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:16 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://vsim.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 378 B
1 KB 302ms
179ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5efe7dc11640f7e746c7bafcd22b55081d81fb09f2fa9a935d16ee10356161c7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 07:49:17 GMT
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 89a27b6c-6c16-4019-9b26-7e2b9ba08a2e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 378
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
631 B 181ms
79ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221373d0dc0285f5e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fvsim.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214daceb833c15c7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news8(1200x250)%23div-gpt-ad-1632837984961-0%22%7D%7D%2C%7B%22id%22%3A%22151517d17813c3e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news9(1200x250)%23div-gpt-ad-1632838225160-0%22%7D%7D%2C%7B%22id%22%3A%22162f58d3c103bac%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news10(1200x250)%23div-gpt-ad-1632838267602-0%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e2aed882-bfda-4d0e-a889-54219c2e0e5d%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7d69624ffb7783cb60807807da680a538de64f4dfc5d30646939c07c06d3c5b

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnO5don9rpdU4AiVRXDrLbB7XMCXFYzDGc2ahDq4fl8cYdx06n7%2BgxMeBlrVLgAyK5wJryPmWefjJ3mVxremiW68Ygx3gJywV5Ylnphqy5nbmBY3d%2BNYrKHMGVY5RigphjmCJmIP"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vsim.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7256436cc91c8868-LHR
expires: 0

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.4745006438675212&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F...
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4745006438675212&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=h...

424 B
833 B

53ms
53ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4745006438675212&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=e2aed882-bfda-4d0e-a889-54219c2e0e5d
Protocol: H2
Server: 5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: a04bb9dca5b8df66fc2d7031e9e4745a9774a62954a04e500f464c0b9dc90703

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:16 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://vsim.ua
expires: Mon, 04 Jul 2022 07:49:16 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 424
x-sid: AMS-607

Redirect headers

date: Mon, 04 Jul 2022 07:49:16 GMT
server: openresty
location: /hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4745006438675212&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=e2aed882-bfda-4d0e-a889-54219c2e0e5d
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://vsim.ua
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-607

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
675 B 62ms
62ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7f4d43251a549e2ce1324d69609aa0be99dc192804cfca4b33ee687ce9fbf833

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Jul 2022 07:49:15 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 373

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 571 B
566 B 164ms
64ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4a21e1ff2d5aaea3222780ac7f5a19c8b9ba063080039392cc7feb6c415335ab

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Jul 2022 07:49:16 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 264

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 333ms
134ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 04 Jul 2022 07:49:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 353ms
154ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 04 Jul 2022 07:49:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 378 B
1 KB 280ms
168ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c20f3f672fcf706162694c9262161ca092545471688d9be8d2e2625c048142e8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 07:49:17 GMT
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bd43e992-5d2e-4977-8b6a-472356e8e50c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 378
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 56ms
55ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43975937-2&cid=1509110726.1656920957&jid=31807023&gjid=1229763071&_gid=725708540.1656920957&_u=YEBAAEAAAAQCAC~&z=724550343

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Jul 2022 07:49:16 GMT
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 174ms
63ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 07:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 173ms
63ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 07:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 195 KB
49 KB 488ms
488ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3521594696253320&correlator=469192442901775&eid=31068295%2C31064226%2C42531605%2C42531608&output=ldjh&gdfp_req=1&vrg=2022062901&ptt=17&impl=fifs&iu_parts=45035109%2C20minut_news8(1200x250)%2C20minut_news9(1200x250)%2C20minut_news10(1200x250)&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1200x250%7C1200x400%2C1200x250%7C1200x400%2C1200x250%7C1200x400&ifi=2&adks=2483578089%2C4059114074%2C1842437250&sfv=1-0-38&ecs=20220704&fsapi=false&prev_scp=city_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1656920957169&lmt=1656920957&dlt=1656920955378&idt=1353&biw=1600&bih=1200&adxs=204%2C204%2C204&adys=1056%2C3264%2C4265&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1192x250%7C1192x250%7C1192x250&msz=1200x250%7C1200x250%7C1200x250&fws=4%2C4%2C4&ohw=1192%2C1192%2C1192&ga_vid=1509110726.1656920957&ga_sid=1656920957&ga_hid=928179083&ga_fc=true&btvi=0%7C1%7C2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

26a0d3354b220c1f290f6b0a1f14a5b28fa1fcbe14c744a4dccd9d4017e62283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49826
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6C66 0
18 B 112ms
54ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://vsim.ua
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://vsim.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 07:49:17 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 container.html Show response
0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25FB 6 KB
3 KB 165ms
55ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 07:49:16 GMT
expires: Tue, 04 Jul 2023 07:49:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DF69 624 B
974 B 184ms
66ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ3VmscBMAE&v=APEucNVjG5R7DKy0Bgq9e1w4RG5ACyG-0qkPT5zQd05-0E1wBNnJthFS_LabpW-lBe_aqRUm-9jT7GBBPbzSxgZs3npOqp5oilcaHAqdPuzzE4q6spc8fu0hNakiFT6iO-kaGD6yC-8Zh9i_yTNICsP3at7YIxxNZs-j_6w82ijlUosMQGAfN-E

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 07:49:17 GMT
expires: Mon, 04 Jul 2022 07:49:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 25FB 14 KB
11 KB 204ms
87ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXkikIX-4KUbNsl7vlgvU5BcaOFvNOnIb_tnOwJNSBbkQ5r6fy9B88Oqk-jwsXePlcmaw8zT-iRaEk1nvVp5RZfcVn9sypyAzDHvtxpeTfMR7EcttPHUt7Cwpy2xsarVTI524dIBcE2bBWTvYBPysy25hNxw&cry=1&dbm_d=AKAmf-At8S7LQoPBz-_u9xFPIvOPZUnPIyB_mujbG_KjinF2TGMTJe6RXiJoWmkx56L9EujQbQdtMX1JtIVeRBeP5756Xd8wsjzpS9TVAqGiWDO3pbt760F-wQQq8DAHpWX1iuxRmaX7303Cn412mlDLiTmXEld-RJKphiJRPTSzWhvWfK1GAy2Bhciz4nX9R99kAaYWdifyLTA-E-OcxAUjXc1hro9WkRa_CYadZAb7Gowlj4CkJZD9lX1tXa3SseU4hmBiOcoDW5DXcatFuI-8oc143XgWhsA48ZL4UCTHK27_BXzbuOx-mxgPLAj6jUVAh3rNfrEG-acn7ZDqT8WjR3Sm8gbfvtdRoSr9Iy2JEea2jr2u0dMVx9gNSp2tsscYoiPoXIF3lsShe6Qb9-vl7ZLjHlnxZ7yI-EILyIDSt1PXrgDcGfAiTGIRs10w7rKWujZpi0GqR3ecPt33g3qqB-QSZDGJWWMx-x6ejLQ4K4m6O-o_BQHMJujPTdeACAOBBByacrn3JIS2vL0A0Y9JjT1pHQbb04ZWjwmb1gwNv3488CjMPMVHygUj8RurwAy6iXD2sG5sRPdzuHrtA3aGDQQkZjMl5Ku_s36R1J7Oj3OndpdjE-0Vlrjt-onxo3cki6MV_xn8MbkLGZAZuW4dYvk9Qpx7a8hNgYdQexdf7O9VLPT7O0Drz6oj5DUC2wLVEnFSidTDvfOYwoy0UYZvYesk91YKGVjDiRwF9yNzBbZE_C3DsSEh7J-_eOqI91AIW5VXmYWF34y05zGzH8muzg278vI-tpO7psyFY1DdVUJWJDbSaSzMpUw1IvzmfsYVt4Zj-Ylqh2wbAPewtSnGvULTl_iOIIXZpC_cHc5emzrncW4rwxy4HmOfXfiLPmhYCZpkY7UQvEMtUrscQ0XWf4H-9084UevMdsU24jr7LrhsjWlw_BCLLsu0mEftUQOomrM9Xhj_rTKKETzd6flk6TejrJjpx-JF1ozABHmrfyCzfFFuZBheVAB62nLXDLRsgyMYjqffSHkPq5jz4FyqPkkJ4s7pzGizhKTAi3tMbwetbE2OdL0kXnv3odUvaQS6uOoBa-nIyTv9huE0rKjPEZayEvRGHMArcXSjY0wcLv4N850Zwiou8JYM655WvP6ZLxPX7hB9SxZBOutba5nUYE4dztyn_8RJUU010EMJYddL1rq5ZipbY1WcXOVSbmh_xkNDflmNWh3tsIj5d6xTsfoGqHSg8gI0AO_oTS7ayogUHDtiKFIoBtZtwCtD3faK237F3f60XSTpPK0ZfGjkcKB-knNj0gymEGHDUqdNo5PxnwyNBVoJE1GB1VBx0v02THCGoW3YHFJDNrBzvPOKNTn4TCqxeZzHxn4xKHq5q9tBuwB3eshL0QassSjZmF3PMrSND1YjSG8qwmXrunmK224BVHb6Xr_uKJ0R5KVZ0T9lY6WZrFrWuU9nya_HcceMCJ9DbPHjCvDmqreR8DLTCULxtzz9PN1vx0f9EqNvKXNIEBUvuNlQED-mRgHCu575dtrWYKf1qcT5mswAS2rKWcnzGoNumJvnd3-rCmQpB_WhXKkBEfJVQj0qCUOUDYsk8-fF3shHubi8hq0b9Owe2KaTj1fka29e91ieQ3wwXacK5S_uX_4t7qQhWfJFOZq1MOLygNDmC6i0AE9_P6wHUVN-z5GBL5urnnRAebcEu-MswvhMmEhSNpZOYT86gGe3SnXNXX0q1cuZd9AqjhOCQtivCUm2rn7U__FyO0tbKIEJXV-aC4vjgjbpcThmYxSxlZ9agqB9-quqzcA9t9-sSm6Dg2UobiHGuu8GkPucEcr7X1xarIKhIgdpkkU8RxBncW8Nh-9R9EANS9fHDX2aeGXV81VQSVLffR3MaeLgThJUsDWIgFhxY-t2K0Mz6sxjVDftDQI26Yutv2koUMBsiMkBt-kjdYHc-YPCGk4aynh8PsomqWYY7YRAXsszAz-rF2kD5F0ALbiR1N3mAAGyjh1O5E9aa3xIwpeUjQB1o4hNragGrPJWCG3LA_0fOflVlIeEgRO27BLyJS01Z8dAsk5Apd919ck4e88R4dnyyyBu47eTTbIm4QmWnRoVvrAq8zdG7cDP1m739TwpBvj_ARajBPkKWGagGPThRVKm1auzkdaQ6SW9lwfC8w7EvDwbZe-rPYcZIovU-hZx252tC4aow651gPBLNXtIPvVg7smVvYynqf3343wknMLGEQKXFx79ZU7DQMZr6UqZClRP1pHlb3GvqqhJMPnVESiinJvk4Bf9kJN7h5vVRrrVE7hRgwBhHok9Q5EVwRyvsKw_hu6p23Pzk-vlcGuPykb3BfSi8TxRcaA01BqxIs_TLuRy4RwFPx5v9IbxrmxNS2d_eEcua-QiON8-lbEh_D8ZZr7dlUh5fKBfAGbfkPuYujmL7mFCHWZNW5-VzNKqCFbfmXcFrUZCDaFFGsaKPXc05tuA7un5msTQ8HZsC3xmVTck2csxIY3yuMcedPkvQNVSuHyt1C1GQo68BySuPgj-08Iq59ztyms0p6FKv2YIt41U_y5ilOSHIbqRIGA-VWFuYCMc3nDW5vhrzUKQGt_99UJ4Ag5UuJtlkD6hJ2ZuIPQgU8Sy80j4NRHR4Vs4Y4MYpw-eqzRZvQdkC5yUvwkFMeLijlynruI&cid=CAASJ-Rojby07U2yy4kXE69XePE8qWGxtGa_TEDgD1h39BkIvH6ykfjMrA&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a9d480de15ac30a5ab043e16f3239f66dfaec88bad49dad9c5cc5f43ddcdbac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10794
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25FB 42 B
494 B 217ms
93ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACrOqw5Pp6_mH6cqOyvpaAfRK6oRazyMmugEVAdpCU7S7VtCd5-Iaz0VA5WBNmR1bt-ZXydtDth_2kqUfuGq9dTag2rzSYyDUFnTy0b3YoNo8Z9mQ

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 25FB 62 KB
22 KB 233ms
101ms Script
text/javascript 66.102.1.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWhpxGcKhnr2ofdU-H1iDvWZYZReAHm2MUf6S_OxJZT7Lon0fU&d=CnkAoCZ_4H1lQWJRsts3MRTpQjawHQFSynqayTv2kDTsJJMCI-fwNz0SyGDUHnl3e1MvTcs5DpLnDDohkNoIuSaDLuIpwlfOGXBBt6RSUxMTnTYHgf9u6Pj4hySo5KVJIMEE9HMl_9keuZ5rhUoV9OZlNEzzfYO2JgrtEtkSAKAmf-DafcSOCD8pynTEFBpMkqxF3EWt9T0TuA7mntm7F54zCcvhhfW05eiY6Q-VYduFcfEjn_gAwMr-yQNhUnU0fdzEicv2s5vnXaQIYTppm_XHcKYiVRk0r42BAuCpWAzLhn5y6V7IBGN_xr8lZlVBX4_gQRT-a9L4VsBm0Jb031YEYQTXjuaKZu4PrkuEalyJUL60i5FSPbJ11OjP38irkPIS68y4I1_oQnk1V5RKhLAkwDF9vBbfYkXEWaphMEmDVSlln9-hZxha_biYjxOzDz12yI6ybqgOILmkL5XF84R-TXKlzDB5tbLO5_WASZpcS6buqSMdAK2AClM55wFaLCm8AmHOK7XTpEwnNUM6VyMSCuzalbMr5OiEgB5HTO2lRaz2E8Pw3WRAbtIImze5Jvucgvv6VMUOq3VJGXMfjU_rCc7Km4mpKdPVAkejin_bByZVIMEwV_thXC9vmwdYu_S1I0iS96R3lzUkh6T3FEAwqgfx3UTapXPBh8q3ZOQLo03t_8Yq7u4Dci6yVeKhaqsQtZBZyKarTDJlM4p0_tWHG--glvNGyFy4rfnisu2jmbIrXhoDBuoAV7QRd0HaqTIAK5b8S0eBKk8c5FRkxOmLo9VJtDU8iYRSNCfW1qrqohhBFj1YYL_7qze1iiJXrPkNMItuZHgA7iw7cN2fvhx7oOe12aaUuFmnwDsGBClby6zB6v71ctj60YU3imqfF84kvXxu2lpsRyPCDUSN0qotysRNzl5GtOG0EDsxdpAAPRB4fpdrZcUuxOiktCNR3wiVYkGZXc9R6m-xVF5K9ZG_PRb5690V9awjUSd1HNlEdVKQHEWCzScg7mAZBLMqUdGmrTh-KDYbPoUXWgsz-dY1BXukMn9NHfbnoxr_AUUI0-zOV1Yq-Fc-eCOoiB8PEXqG6F0a-9uqKShmMPB7d8jcWZP8RiIs71EekgfFR0ZO6i50K010LcqQ_TuQ5d3HUnw2HuAUUAwTQvu61714qKOkmW5oUlsMM3-Yx9k-QA_WPa7e3BStUXft4EGZWU62DpgpjNVjATQc2RuIEtkt9cKOH83aKWokfZNP20fWKdpcaXPh9T-htBZI883FmOUOkIh1hfKs8sR_wnz2kmAFjkozU3qoAJWpMg0w6l2DLZEWKsZFIzTceGNQ0WFCc0dRnzcLQZaVzYTWXdmw2L5221zckR9CVYxb0D-YsXIGrSqX9siwQ4vD0fcPINVpW4GWNk0AO-GcBJ2Eibsi_zlCaUZjJ7lvBjj6kJPkPB5aazMnPPzpCM_ewbPFYS1JMs_1y7qS9Vt236mMwbTmAp7H4FkJNmN_wrzd8EnwlIMhF1UCezKRbuDPx7AkVsmavyuM1vfY3X_ov0gTSBXOu2DLofZL6EEik7Jv0cG6rTPP8du1sqsD8ZGohY17bml7dJi9086yQs_2GsUcwtUP7PTatb77Opi8ezNYCFDYoZvHWj4lqutdW8Tlboz2XjJ_uo_xnCyQgpLQ7IFfLy8qVKsMd5KuCdnvU4FDszq-e0eVe_dwmYKO_kIA2lj2csT0kxCGopgCA2kHUuMmH6eYxv_Ql-D-cRvip3Mj9oW36XHX7dpbzpyAJWQiPspuJauuk0cjWFkzAUmpS46GfZ3wTlns58LZS8w-jhY7hFRPEdPsNlIbGmYH8u_F2CNxo49LA2Nw8gZZUsZBk5SVGIOt1puLocWE4TsHqbdeHQDEknGLaIiCAEhy9Or9P0RbPj2OMdPnFH0ZkpY5JIxGUQPkOs5T1xSBQrsP_JLMUXagpdkqWkMJEs_jz7ujo5ED7jZnDqVwC1w1ati6-eTr_0ss5jDRt6ZRktJjZIwzZfx1QOCU_Jw7TpqMzT_QM_-llyYr162asjtMiV2JOTjGApeIKHoTExy3QjsOSkLcjP4WReHkdOtnGXS8jXMz-yhql6G5EQHyNOZaHrkDq3_uMb3--XUI37QUcSOyoBni-3sfYhmo8DFAJ83OTDUxIHrwm6zBLe5XFlULKRmRJfQLw_SdLTg7Ytd_rDrIr39DMI3au-S4AzNHpiNlT8hsqPKKuNGXCanzbWKDLatGnXL_68r3Fu_exFfqqRhHtIlS3NeEmtQ_fg0bhaQUbk4jSGvMZ7fSSu4dp7O4anlR2lSsSUCVjfE-R4nhpzBI4ORk_HwYkdDq0Mz8f4h985NyaQEmn-PGTIguNAW2ZX5PqiWJnMseJc41HEK0IugIKJKAZg2-_vRVmj9LQ15EJ8wJITnYGmP0zyzHb7SbKbLiYYCQBgKduAHoNshczUJBiNtx3lQmISjZEpROONEDyOgxazi_FO63Yxju8EcE9w2a8yGa7mWNphYY4gW9ZSmvqPi7of5WUiEFhxLglgDS031Zua0pKxfUIuJIF9YZPxJSnqEED5t8zKjsT2IL3OAnuP1mXl6rwm2fvSALGfo_UA8YmWP1Z-e9CYk3KXOkIT17pzf1gJu5ymqJf6arP82YWjihhNWvI919szZEeRZdK3NCezMB5_XblIEpsZhOGIjNJ50kZeixWDKG_sAoWRJCXQziy3yjIyWJMhQrJutcX3hnzYb1wpe5BakJ_YU_do5RtNuunDFA9Z2hmBZGzRMIa4AsS2iPXOM92vjlzHMQjvbSRsP_40QzgQWKjrtQSEogh49TS1lW_Kfff10wqAZ8QgJ81e-kWC2D4gVtbufobnqK4CIHleokA29qnMRgvYVX6qkz00xn9beqdmU7St58gqh8RIdXe5fBoAwbYeplZ4tfY6UAE10_t5UKoj-aCrpgSwEXOSchc9t6BOuRT0wmRgT9F1PTFEuYY3Wke4GKkiI5P6J8n-dVNnhNunRtJAnU6uw48t8rIvHhHuqraVilvPhGyja7krsQlUwxSIUDT7g64epIOyo64RmIihidSzpsb6VuCsnhAvAlgcrcqP4mLzvfrHiBaCdk21GQYWC5ztLRX3LcwjKdHCFxd3tdS9ZbpfFzoOLvOmfV8KVxk37-Zd9A_MltC1LWqjMttzLz0mnAr4Xse9uYLrxF4VXV3Qon9yo52Tmo9OA39ThQqdaJ8pLMwI1x8YFymP-AHuhGyB0kEcUW7xH0f7uXap51yQ0rYPdnfxCOBollGR7vym7wKocxuPKwoa02DR7-2RE3uR8-fPbTwqb24QJqZ1dfJxwBYOkP7I91trNuiRXSw8IiRqcaKwgAEifkaI28tO1NssuJFxOvV3jxPKlhsbRmv0xA4A9Yd_QZCLx-spH4zKxgAQ

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f155.1e100.net

Software

cafe /

Resource Hash

6ef2c296a72cbb15b161d88e05edd088c36c011f5bde3b1eb5fbcafaa675d4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21661
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/1005482/61968045/dcm/ Frame 25FB 234 KB
71 KB 196ms
59ms Script
application/javascript 54.246.237.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/1005482/61968045/dcm/dcmads.js
Requested by: Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.237.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-237-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8c1ffd5a308175b2ea062bb17f11af0668d67d3bf3c5706b7608deddda55e775

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:17 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 25FB 3 KB
1 KB 180ms
60ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 07:36:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25FB 138 KB
43 KB 474ms
355ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 07:49:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 25FB 17 KB
8 KB 173ms
53ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 07:45:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 25FB 0
0 181ms
61ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJRfReSEhVQEU7Fsx-giPzRwSjNSaI9nnxSziVKp_nOEkTqluvtNwERhhEXdgDYuO6xtPmlpjEm0_ZOySmADDWhksONg
Requested by: Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 container.html Show response
0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6EC2 6 KB
3 KB 55ms
54ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 07:49:16 GMT
expires: Tue, 04 Jul 2023 07:49:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D816 624 B
559 B 75ms
75ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGKaYvcEBMAE&v=APEucNVWessP8KQUvpVEP9LzlvSGLW3duMFd5155tfK6WG8-oDIaeVEaaOwYiltnfM0j4f2cWggJSDQVC4slAov_1-SRNC1VDXkjxiPPgLb19rF41gyqpnTSn1-rl-02iCADL_yZAo-EazAnHKxRrfHgBcfiqezkFAA96OMcrps9SJ7o5Zwpgns

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 07:49:17 GMT
expires: Mon, 04 Jul 2022 07:49:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6EC2 106 KB
38 KB 202ms
55ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
Origin: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 12:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Jul 2022 12:45:58 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 6EC2 6 KB
3 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2628
x-xss-protection: 0
server: cafe
etag: 1103433747108554897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 07:07:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 6EC2 21 KB
9 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 07:39:02 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EC2 42 B
107 B 87ms
83ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3inAqOdtAvitMbBhfgaccDnbdwjjoH2ypA7aP6CbwSbkODVco06NtNK7eD94lyKTpG_VLyT3_E_9LnK2mQgwD0NXr_j_hNEy1wZE51sMzn2P9n48

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 6EC2 3 KB
1 KB 67ms
62ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 07:36:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6EC2 138 KB
42 KB 378ms
373ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 07:49:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 6EC2 17 KB
7 KB 64ms
60ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 07:45:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6EC2 0
0 67ms
63ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRg5tfN8g0DG0-Jm9ooQVv_evmf7Ipc4___IKP471DLkAmiPpF6KCL1zlm83j_lOxxZQ7z3WRPP7916iCzDyjWpwGCY4g
Requested by: Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DF69
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtWvf6Veswl1eOUweMf8Pg&google_cver=1

43 B
907 B

135ms
92ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtWvf6Veswl1eOUweMf8Pg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ3VmscBMAE&v=APEucNVjG5R7DKy0Bgq9e1w4RG5ACyG-0qkPT5zQd05-0E1wBNnJthFS_LabpW-lBe_aqRUm-9jT7GBBPbzSxgZs3npOqp5oilcaHAqdPuzzE4q6spc8fu0hNakiFT6iO-kaGD6yC-8Zh9i_yTNICsP3at7YIxxNZs-j_6w82ijlUosMQGAfN-E
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 725643741d55743f-LHR
pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWBa8x1QSlH0RKqG7K1yYqEcN%2BXPIj6k2sorqBwbZzAdNl1t3ARendnph4lVuFZdZJW3ZLpZY4JSdh9z2KOXUTMj4SwnkRd2XewSTJwKpBgJW75a7wqbiikdib4S2%2FRABl8GUw5I6g9nmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtWvf6Veswl1eOUweMf8Pg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DF69
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsKbfQl2gDOnvIMc8Ci80QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1

43 B
912 B

77ms
77ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ3VmscBMAE&v=APEucNVjG5R7DKy0Bgq9e1w4RG5ACyG-0qkPT5zQd05-0E1wBNnJthFS_LabpW-lBe_aqRUm-9jT7GBBPbzSxgZs3npOqp5oilcaHAqdPuzzE4q6spc8fu0hNakiFT6iO-kaGD6yC-8Zh9i_yTNICsP3at7YIxxNZs-j_6w82ijlUosMQGAfN-E
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72564375c802743f-LHR
pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GH8FzlWOZji4y8UAs%2B90t7J82S1ad75loMm%2Foj4FafT4CjNsod8klJvpd7RdLtaKKqMgBFNNEqdwaKrhbcNgTmUzAM9nX%2Fi%2BGErn92%2Fgz7u%2BYmONGWXtR%2FcbU%2BRs5womhNdUWlC6c8ocw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DF69
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHeXt9obh1Kl5ylL9PSIAoo&google_cver=1

43 B
1016 B

100ms
97ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHeXt9obh1Kl5ylL9PSIAoo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ3VmscBMAE&v=APEucNVjG5R7DKy0Bgq9e1w4RG5ACyG-0qkPT5zQd05-0E1wBNnJthFS_LabpW-lBe_aqRUm-9jT7GBBPbzSxgZs3npOqp5oilcaHAqdPuzzE4q6spc8fu0hNakiFT6iO-kaGD6yC-8Zh9i_yTNICsP3at7YIxxNZs-j_6w82ijlUosMQGAfN-E

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 07:49:18 GMT
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8b88f93d-277d-4810-bd39-33e1cd3a662e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHeXt9obh1Kl5ylL9PSIAoo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF69
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzk2ODM0MDI4NjYzMzQzMA%3D%3D

170 B
232 B

162ms
75ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzk2ODM0MDI4NjYzMzQzMA%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 07:49:17 GMT
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 76fe58e3-f4eb-493a-ac66-986356fec8af
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzk2ODM0MDI4NjYzMzQzMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
218 B 47ms
47ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://vsim.ua
Date: Mon, 04 Jul 2022 07:49:16 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 25FB 41 KB
15 KB 181ms
54ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXkikIX-4KUbNsl7vlgvU5BcaOFvNOnIb_tnOwJNSBbkQ5r6fy9B88Oqk-jwsXePlcmaw8zT-iRaEk1nvVp5RZfcVn9sypyAzDHvtxpeTfMR7EcttPHUt7Cwpy2xsarVTI524dIBcE2bBWTvYBPysy25hNxw&cry=1&dbm_d=AKAmf-At8S7LQoPBz-_u9xFPIvOPZUnPIyB_mujbG_KjinF2TGMTJe6RXiJoWmkx56L9EujQbQdtMX1JtIVeRBeP5756Xd8wsjzpS9TVAqGiWDO3pbt760F-wQQq8DAHpWX1iuxRmaX7303Cn412mlDLiTmXEld-RJKphiJRPTSzWhvWfK1GAy2Bhciz4nX9R99kAaYWdifyLTA-E-OcxAUjXc1hro9WkRa_CYadZAb7Gowlj4CkJZD9lX1tXa3SseU4hmBiOcoDW5DXcatFuI-8oc143XgWhsA48ZL4UCTHK27_BXzbuOx-mxgPLAj6jUVAh3rNfrEG-acn7ZDqT8WjR3Sm8gbfvtdRoSr9Iy2JEea2jr2u0dMVx9gNSp2tsscYoiPoXIF3lsShe6Qb9-vl7ZLjHlnxZ7yI-EILyIDSt1PXrgDcGfAiTGIRs10w7rKWujZpi0GqR3ecPt33g3qqB-QSZDGJWWMx-x6ejLQ4K4m6O-o_BQHMJujPTdeACAOBBByacrn3JIS2vL0A0Y9JjT1pHQbb04ZWjwmb1gwNv3488CjMPMVHygUj8RurwAy6iXD2sG5sRPdzuHrtA3aGDQQkZjMl5Ku_s36R1J7Oj3OndpdjE-0Vlrjt-onxo3cki6MV_xn8MbkLGZAZuW4dYvk9Qpx7a8hNgYdQexdf7O9VLPT7O0Drz6oj5DUC2wLVEnFSidTDvfOYwoy0UYZvYesk91YKGVjDiRwF9yNzBbZE_C3DsSEh7J-_eOqI91AIW5VXmYWF34y05zGzH8muzg278vI-tpO7psyFY1DdVUJWJDbSaSzMpUw1IvzmfsYVt4Zj-Ylqh2wbAPewtSnGvULTl_iOIIXZpC_cHc5emzrncW4rwxy4HmOfXfiLPmhYCZpkY7UQvEMtUrscQ0XWf4H-9084UevMdsU24jr7LrhsjWlw_BCLLsu0mEftUQOomrM9Xhj_rTKKETzd6flk6TejrJjpx-JF1ozABHmrfyCzfFFuZBheVAB62nLXDLRsgyMYjqffSHkPq5jz4FyqPkkJ4s7pzGizhKTAi3tMbwetbE2OdL0kXnv3odUvaQS6uOoBa-nIyTv9huE0rKjPEZayEvRGHMArcXSjY0wcLv4N850Zwiou8JYM655WvP6ZLxPX7hB9SxZBOutba5nUYE4dztyn_8RJUU010EMJYddL1rq5ZipbY1WcXOVSbmh_xkNDflmNWh3tsIj5d6xTsfoGqHSg8gI0AO_oTS7ayogUHDtiKFIoBtZtwCtD3faK237F3f60XSTpPK0ZfGjkcKB-knNj0gymEGHDUqdNo5PxnwyNBVoJE1GB1VBx0v02THCGoW3YHFJDNrBzvPOKNTn4TCqxeZzHxn4xKHq5q9tBuwB3eshL0QassSjZmF3PMrSND1YjSG8qwmXrunmK224BVHb6Xr_uKJ0R5KVZ0T9lY6WZrFrWuU9nya_HcceMCJ9DbPHjCvDmqreR8DLTCULxtzz9PN1vx0f9EqNvKXNIEBUvuNlQED-mRgHCu575dtrWYKf1qcT5mswAS2rKWcnzGoNumJvnd3-rCmQpB_WhXKkBEfJVQj0qCUOUDYsk8-fF3shHubi8hq0b9Owe2KaTj1fka29e91ieQ3wwXacK5S_uX_4t7qQhWfJFOZq1MOLygNDmC6i0AE9_P6wHUVN-z5GBL5urnnRAebcEu-MswvhMmEhSNpZOYT86gGe3SnXNXX0q1cuZd9AqjhOCQtivCUm2rn7U__FyO0tbKIEJXV-aC4vjgjbpcThmYxSxlZ9agqB9-quqzcA9t9-sSm6Dg2UobiHGuu8GkPucEcr7X1xarIKhIgdpkkU8RxBncW8Nh-9R9EANS9fHDX2aeGXV81VQSVLffR3MaeLgThJUsDWIgFhxY-t2K0Mz6sxjVDftDQI26Yutv2koUMBsiMkBt-kjdYHc-YPCGk4aynh8PsomqWYY7YRAXsszAz-rF2kD5F0ALbiR1N3mAAGyjh1O5E9aa3xIwpeUjQB1o4hNragGrPJWCG3LA_0fOflVlIeEgRO27BLyJS01Z8dAsk5Apd919ck4e88R4dnyyyBu47eTTbIm4QmWnRoVvrAq8zdG7cDP1m739TwpBvj_ARajBPkKWGagGPThRVKm1auzkdaQ6SW9lwfC8w7EvDwbZe-rPYcZIovU-hZx252tC4aow651gPBLNXtIPvVg7smVvYynqf3343wknMLGEQKXFx79ZU7DQMZr6UqZClRP1pHlb3GvqqhJMPnVESiinJvk4Bf9kJN7h5vVRrrVE7hRgwBhHok9Q5EVwRyvsKw_hu6p23Pzk-vlcGuPykb3BfSi8TxRcaA01BqxIs_TLuRy4RwFPx5v9IbxrmxNS2d_eEcua-QiON8-lbEh_D8ZZr7dlUh5fKBfAGbfkPuYujmL7mFCHWZNW5-VzNKqCFbfmXcFrUZCDaFFGsaKPXc05tuA7un5msTQ8HZsC3xmVTck2csxIY3yuMcedPkvQNVSuHyt1C1GQo68BySuPgj-08Iq59ztyms0p6FKv2YIt41U_y5ilOSHIbqRIGA-VWFuYCMc3nDW5vhrzUKQGt_99UJ4Ag5UuJtlkD6hJ2ZuIPQgU8Sy80j4NRHR4Vs4Y4MYpw-eqzRZvQdkC5yUvwkFMeLijlynruI&cid=CAASJ-Rojby07U2yy4kXE69XePE8qWGxtGa_TEDgD1h39BkIvH6ykfjMrA&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 10:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 10:33:08 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D816
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1

43 B
916 B

113ms
84ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGKaYvcEBMAE&v=APEucNVWessP8KQUvpVEP9LzlvSGLW3duMFd5155tfK6WG8-oDIaeVEaaOwYiltnfM0j4f2cWggJSDQVC4slAov_1-SRNC1VDXkjxiPPgLb19rF41gyqpnTSn1-rl-02iCADL_yZAo-EazAnHKxRrfHgBcfiqezkFAA96OMcrps9SJ7o5Zwpgns
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 725643741d57743f-LHR
pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxLXd0OCe1ACu6%2BceJ0CEZlGy%2FLtDs7WT9ECNCnZlaPcB69nnmvIn%2FUlqNYIzL%2FAyYc1%2BN1ZPJhERTL%2BXZv2kOzziGYlrKbziGFUzUrM4%2FNkDffdB3vAnxTpRIXc0qHM2Cf%2BGciu0VBlFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D816
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsKbfbH1uNR0QRpzCL3JYQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1

43 B
910 B

71ms
70ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGKaYvcEBMAE&v=APEucNVWessP8KQUvpVEP9LzlvSGLW3duMFd5155tfK6WG8-oDIaeVEaaOwYiltnfM0j4f2cWggJSDQVC4slAov_1-SRNC1VDXkjxiPPgLb19rF41gyqpnTSn1-rl-02iCADL_yZAo-EazAnHKxRrfHgBcfiqezkFAA96OMcrps9SJ7o5Zwpgns
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72564375f838743f-LHR
pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3a68LSKggJ7OPUBcGxlEgQuprIu4uRv6uxIgd6XVG3a8t1EtRELxweTHsyC7vXjY%2B%2Bq8hm5AVb83mXKcHL8dHXmWxqfWulwOuRdD9nI%2FfTEMAo%2FaUl0miIkpMfXEF52OyI8vvBMimlACyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKitJNUfIYqDgU3_HZUb6U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D816
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED0LhM4eBdcSsHYdRpUQLLQ&google_cver=1

43 B
1016 B

56ms
54ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESED0LhM4eBdcSsHYdRpUQLLQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGKaYvcEBMAE&v=APEucNVWessP8KQUvpVEP9LzlvSGLW3duMFd5155tfK6WG8-oDIaeVEaaOwYiltnfM0j4f2cWggJSDQVC4slAov_1-SRNC1VDXkjxiPPgLb19rF41gyqpnTSn1-rl-02iCADL_yZAo-EazAnHKxRrfHgBcfiqezkFAA96OMcrps9SJ7o5Zwpgns

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 07:49:18 GMT
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3a2dbf4b-12a1-45f1-8dbd-120183d224fe
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESED0LhM4eBdcSsHYdRpUQLLQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D816
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzk2ODM0MDI4NjYzMzQzMA%3D%3D

170 B
502 B

94ms
73ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzk2ODM0MDI4NjYzMzQzMA%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 07:49:17 GMT
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: becfb185-a10a-4040-bd74-08434b41c19a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzk2ODM0MDI4NjYzMzQzMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 25FB 106 KB
37 KB 189ms
128ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
Origin: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 12:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Jul 2022 12:45:58 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 25FB 8 KB
3 KB 219ms
69ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWhpxGcKhnr2ofdU-H1iDvWZYZReAHm2MUf6S_OxJZT7Lon0fU&d=CnkAoCZ_4H1lQWJRsts3MRTpQjawHQFSynqayTv2kDTsJJMCI-fwNz0SyGDUHnl3e1MvTcs5DpLnDDohkNoIuSaDLuIpwlfOGXBBt6RSUxMTnTYHgf9u6Pj4hySo5KVJIMEE9HMl_9keuZ5rhUoV9OZlNEzzfYO2JgrtEtkSAKAmf-DafcSOCD8pynTEFBpMkqxF3EWt9T0TuA7mntm7F54zCcvhhfW05eiY6Q-VYduFcfEjn_gAwMr-yQNhUnU0fdzEicv2s5vnXaQIYTppm_XHcKYiVRk0r42BAuCpWAzLhn5y6V7IBGN_xr8lZlVBX4_gQRT-a9L4VsBm0Jb031YEYQTXjuaKZu4PrkuEalyJUL60i5FSPbJ11OjP38irkPIS68y4I1_oQnk1V5RKhLAkwDF9vBbfYkXEWaphMEmDVSlln9-hZxha_biYjxOzDz12yI6ybqgOILmkL5XF84R-TXKlzDB5tbLO5_WASZpcS6buqSMdAK2AClM55wFaLCm8AmHOK7XTpEwnNUM6VyMSCuzalbMr5OiEgB5HTO2lRaz2E8Pw3WRAbtIImze5Jvucgvv6VMUOq3VJGXMfjU_rCc7Km4mpKdPVAkejin_bByZVIMEwV_thXC9vmwdYu_S1I0iS96R3lzUkh6T3FEAwqgfx3UTapXPBh8q3ZOQLo03t_8Yq7u4Dci6yVeKhaqsQtZBZyKarTDJlM4p0_tWHG--glvNGyFy4rfnisu2jmbIrXhoDBuoAV7QRd0HaqTIAK5b8S0eBKk8c5FRkxOmLo9VJtDU8iYRSNCfW1qrqohhBFj1YYL_7qze1iiJXrPkNMItuZHgA7iw7cN2fvhx7oOe12aaUuFmnwDsGBClby6zB6v71ctj60YU3imqfF84kvXxu2lpsRyPCDUSN0qotysRNzl5GtOG0EDsxdpAAPRB4fpdrZcUuxOiktCNR3wiVYkGZXc9R6m-xVF5K9ZG_PRb5690V9awjUSd1HNlEdVKQHEWCzScg7mAZBLMqUdGmrTh-KDYbPoUXWgsz-dY1BXukMn9NHfbnoxr_AUUI0-zOV1Yq-Fc-eCOoiB8PEXqG6F0a-9uqKShmMPB7d8jcWZP8RiIs71EekgfFR0ZO6i50K010LcqQ_TuQ5d3HUnw2HuAUUAwTQvu61714qKOkmW5oUlsMM3-Yx9k-QA_WPa7e3BStUXft4EGZWU62DpgpjNVjATQc2RuIEtkt9cKOH83aKWokfZNP20fWKdpcaXPh9T-htBZI883FmOUOkIh1hfKs8sR_wnz2kmAFjkozU3qoAJWpMg0w6l2DLZEWKsZFIzTceGNQ0WFCc0dRnzcLQZaVzYTWXdmw2L5221zckR9CVYxb0D-YsXIGrSqX9siwQ4vD0fcPINVpW4GWNk0AO-GcBJ2Eibsi_zlCaUZjJ7lvBjj6kJPkPB5aazMnPPzpCM_ewbPFYS1JMs_1y7qS9Vt236mMwbTmAp7H4FkJNmN_wrzd8EnwlIMhF1UCezKRbuDPx7AkVsmavyuM1vfY3X_ov0gTSBXOu2DLofZL6EEik7Jv0cG6rTPP8du1sqsD8ZGohY17bml7dJi9086yQs_2GsUcwtUP7PTatb77Opi8ezNYCFDYoZvHWj4lqutdW8Tlboz2XjJ_uo_xnCyQgpLQ7IFfLy8qVKsMd5KuCdnvU4FDszq-e0eVe_dwmYKO_kIA2lj2csT0kxCGopgCA2kHUuMmH6eYxv_Ql-D-cRvip3Mj9oW36XHX7dpbzpyAJWQiPspuJauuk0cjWFkzAUmpS46GfZ3wTlns58LZS8w-jhY7hFRPEdPsNlIbGmYH8u_F2CNxo49LA2Nw8gZZUsZBk5SVGIOt1puLocWE4TsHqbdeHQDEknGLaIiCAEhy9Or9P0RbPj2OMdPnFH0ZkpY5JIxGUQPkOs5T1xSBQrsP_JLMUXagpdkqWkMJEs_jz7ujo5ED7jZnDqVwC1w1ati6-eTr_0ss5jDRt6ZRktJjZIwzZfx1QOCU_Jw7TpqMzT_QM_-llyYr162asjtMiV2JOTjGApeIKHoTExy3QjsOSkLcjP4WReHkdOtnGXS8jXMz-yhql6G5EQHyNOZaHrkDq3_uMb3--XUI37QUcSOyoBni-3sfYhmo8DFAJ83OTDUxIHrwm6zBLe5XFlULKRmRJfQLw_SdLTg7Ytd_rDrIr39DMI3au-S4AzNHpiNlT8hsqPKKuNGXCanzbWKDLatGnXL_68r3Fu_exFfqqRhHtIlS3NeEmtQ_fg0bhaQUbk4jSGvMZ7fSSu4dp7O4anlR2lSsSUCVjfE-R4nhpzBI4ORk_HwYkdDq0Mz8f4h985NyaQEmn-PGTIguNAW2ZX5PqiWJnMseJc41HEK0IugIKJKAZg2-_vRVmj9LQ15EJ8wJITnYGmP0zyzHb7SbKbLiYYCQBgKduAHoNshczUJBiNtx3lQmISjZEpROONEDyOgxazi_FO63Yxju8EcE9w2a8yGa7mWNphYY4gW9ZSmvqPi7of5WUiEFhxLglgDS031Zua0pKxfUIuJIF9YZPxJSnqEED5t8zKjsT2IL3OAnuP1mXl6rwm2fvSALGfo_UA8YmWP1Z-e9CYk3KXOkIT17pzf1gJu5ymqJf6arP82YWjihhNWvI919szZEeRZdK3NCezMB5_XblIEpsZhOGIjNJ50kZeixWDKG_sAoWRJCXQziy3yjIyWJMhQrJutcX3hnzYb1wpe5BakJ_YU_do5RtNuunDFA9Z2hmBZGzRMIa4AsS2iPXOM92vjlzHMQjvbSRsP_40QzgQWKjrtQSEogh49TS1lW_Kfff10wqAZ8QgJ81e-kWC2D4gVtbufobnqK4CIHleokA29qnMRgvYVX6qkz00xn9beqdmU7St58gqh8RIdXe5fBoAwbYeplZ4tfY6UAE10_t5UKoj-aCrpgSwEXOSchc9t6BOuRT0wmRgT9F1PTFEuYY3Wke4GKkiI5P6J8n-dVNnhNunRtJAnU6uw48t8rIvHhHuqraVilvPhGyja7krsQlUwxSIUDT7g64epIOyo64RmIihidSzpsb6VuCsnhAvAlgcrcqP4mLzvfrHiBaCdk21GQYWC5ztLRX3LcwjKdHCFxd3tdS9ZbpfFzoOLvOmfV8KVxk37-Zd9A_MltC1LWqjMttzLz0mnAr4Xse9uYLrxF4VXV3Qon9yo52Tmo9OA39ThQqdaJ8pLMwI1x8YFymP-AHuhGyB0kEcUW7xH0f7uXap51yQ0rYPdnfxCOBollGR7vym7wKocxuPKwoa02DR7-2RE3uR8-fPbTwqb24QJqZ1dfJxwBYOkP7I91trNuiRXSw8IiRqcaKwgAEifkaI28tO1NssuJFxOvV3jxPKlhsbRmv0xA4A9Yd_QZCLx-spH4zKxgAQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 07:48:29 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 25FB 27 KB
10 KB 200ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 07:48:56 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6EC2 41 KB
15 KB 154ms
56ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 10:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 10:33:08 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3ABB 22 KB
8 KB 53ms
53ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 580288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 14:37:50 GMT
expires: Tue, 27 Jun 2023 14:37:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8259 22 KB
8 KB 53ms
53ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 580288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 14:37:50 GMT
expires: Tue, 27 Jun 2023 14:37:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dcmads.js Show response
www.googletagservices.com/dcm/ Frame 25FB
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1005482/61968045/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0889daf9930fc3496f32c5c5999337...
https://www.googletagservices.com/dcm/dcmads.js

23 KB
9 KB

166ms
57ms

Script
text/javascript

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8749
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 21:33:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 04 Jul 2022 08:09:17 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame E0D8 80 KB
21 KB 219ms
65ms Script
application/javascript 2600:9000:223f:7c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 4230885
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: 19o526SdC-8LESqSagtsQyj5IrOwYfT4l5WAj5R8II87PvNG1jsQzA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 25FB 43 B
216 B 659ms
208ms Image
image/gif 100.20.118.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=76d24cbe-4dec-a29b-d7fa-cecd5db411c7&tv=%7Bc:hnMRcK,pingTime:-3,time:60,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:60,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taBptXU+11%7C12%7C13%7C14*.1005482-61968045%7C141%7C142%7C151%7C152%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 25FB 43 B
215 B 656ms
209ms Image
image/gif 100.20.118.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=76d24cbe-4dec-a29b-d7fa-cecd5db411c7&tv=%7Bc:hnMRcL,pingTime:-6,time:61,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:61,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taBptXU+11%7C12%7C13%7C14*.1005482-61968045%7C141%7C142%7C151%7C152%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:vsim.ua*&br=c
Requested by: Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10555209917674437644/ Frame 7656 6 KB
2 KB 165ms
54ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10555209917674437644/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67c3bc4247579dcae07ffa7cd71365ac96ceb3d5d8bfa911a1eefa60f1752310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 257070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2325
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jul 2022 08:24:48 GMT
expires: Sat, 01 Jul 2023 08:24:48 GMT
last-modified: Fri, 03 Jun 2022 07:48:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6EC2 0
110 B 238ms
107ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM9QmPK8za31AVqYcmwesGnqV5Vzyq8fcZZTBBgFmjVH_4p_BflW_Lc_h_MiLvnMKEqtaDMcCGWMlG0RTMvDqEmq07LicSFb1I_G8NXuNtAZOpEoEX4_6kk4pWjwlilEP9iJTuKiyyiqJm-1zRDwrYd6-cCW8d9fY4bz2bQ6d_y4M7VDrRJDvSrc2KNaLSE04f2SdtJUUuyU8U7f4_Nlbo2t0XpzVPbsaPsKIzFcdHH8lqJS5IxF51uwORM0zcUzp6WJ4T9kA_jFSbyMLW_7i_ieYMmeyqcvz6fag52jZTZtY7LjWA7r0-LMBYYkwPV3bxNWnbr-XjARCK9VxWJt9GEX2vMx3nQQCR6rK3yRtB36var6PUrVm9A9Rdhyyv-RmkKH7SYBmHTeznq8tjxk0benUQJBAKvI3AkRNBjsirkvV8sIhwtPaO3d2eiWdGfJBZQJ3aEHHnXpOfTlTnpBkOL1XHKXUqnYLvx4yRJ1AA0PwayzX9Kzjf9N7-5-c380acBgM29D9-gAwvfbVKJC2MMGOdGIjZO6qA0lmtqhe6oD1hqAh7MDhcK6l9UNjk6sD0Zvt1GWaOMALxc4o9jwQDwG-4xEh6Df-E-mAebuys453slpsFJgPy3HfBE8kFwDJteF80KV3lZ5txXCZSK0P53nS-TYOPXnUp9qCTN_8jw1EduaKLDeMmG7zZdJPrzu4riPKYC-4ATcayV3EQal8gTLJoMpjhzauxO_PaR-V7cCYNDbhzLvNw5NKmbOOwuZnVq20NUA1dgR_waDKiMlxFsjgiaf7CtZSXFZxAJCopBgUlW02pdxUecGzbb_JKgDesnnQCTciQ1rUE6zPmACKIP-fOExkJ4ugdY0d7kl0heNP_zKVQMHyImSocKVKn-6-MuTVpXNgkSXGa997rpqwNm76KvIVKw_VGh-g5Qg3-p8jXQWz-03LmcquE_mimdXs5MXn-OfjAyy_XoTzmZyGLkkF6TRFY86GjHAh_Nd_qtn09RGZdtQRnshIw6wJJyJNdPRgmZSsRc5HiYZekW0nUZewDlTlOwf8caluAEbG0en1Ea04DClK1QmEPjyeJUVcJiVPPNXrPpH2WF77ifwn65RprtPXxNJFVlupgY_JVA_sOrPcmaK-28_XKEsQnJdsDRRteQRIhzcVGSod3CbhRwUhXcBWlgjSPrhmb8Yd7jA&sai=AMfl-YTQYUaC8es59WqnL-bQXctDjB11GifOKgZIkOOpG1RBayJ4mwUORmGjy188PnfuqjoivCB3YbJZpOIZ2jEvHmDi7rTp4YAzlNo_q9c3_0pxELGxo7ORkVLTPST91D2PSBMQ9SzyKTCD_uZ03rf3VAyhpem7LFUegjl4jzFo9rrXA2VfTUJAZXU40785qd1gd-VhTV6vRTzlQkjMXrDuuCc6Pk7zjfdDi6cTWVYSjNN0-1SgNI5YKgl5sDA6dOLzzwHFOd7_foMkGkTYOOvSS3Dy3ZmzHGIqzs3SBHzVdRn1vbYnJjNjbx0fUaIqgJv9fz97E9gXYkZh8RpByyAsQeGgWp7qsYCXFN91galj7YfV0QXANaPdGxj9EZZjvloOqd_aGm3r62Wc-4E4IYoMCA&sig=Cg0ArKJSzFV0JUsBloH2EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=382&cbvp=1&cstd=378&cisv=r20220629.94472&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 04 Jul 2022 07:49:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8983349693034261550/ Frame 72DF 6 KB
2 KB 160ms
57ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57db35b5a7ecf550145de3105d175c51162ebad9a69b1851dd95f528cf39706e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2281
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 07:19:44 GMT
expires: Tue, 04 Jul 2023 07:19:44 GMT
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 25FB 0
575 B 230ms
105ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgw1H2A7X-N0zZeRknsRivyORGW71yrHoUooR1F4JSsYzw9_ER2vUKSbRMrS3vl8CoxCZjBg6gynACzEjgu0Q_wsWeONP5Qdtv7YzddtnOOIfvreW04LFtmu6e55l8jAd_68M&sai=AMfl-YTQ0YWCBOwvhCgluK1_OWkm2yGJoAtI3o6kEHyopK6JNG0LfUOqhVh2fLZF3WPEYdcqKj_6eYVRNEMZy0r04cV9F2gs6ozepc6tAB67nxJlEUkunDeefiCZRvHJLnw&sig=Cg0ArKJSzMAPygTe7VlWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=303&cbvp=1&cstd=301&cisv=r20220629.45223&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 07:49:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 25FB 43 B
215 B 632ms
209ms Image
image/gif 100.20.118.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=76d24cbe-4dec-a29b-d7fa-cecd5db411c7&tv=%7Bc:hnMRdd,pingTime:-2,time:89,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:183,mdZ:523,beA:655,beZ:657,mfA:659,cmA:661,inA:661,inZ:665,prA:665,prZ:671,si:678,poA:679,poZ:699,cmZ:699,mfZ:699,loA:716,loZ:719,ltA:744,ltZ:744%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:89,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taBptXU+11%7C12%7C13%7C14*.1005482-61968045%7C141%7C142%7C151%7C152%7C16%7C17,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,sinceFw:64,readyFired:false%7D&br=c
Requested by: Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 3ABB 36 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 05:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 05:25:54 GMT

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8259 36 KB
14 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 19:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 19:22:03 GMT

GET
DATA 200
OK truncated
/ Frame 6EC2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb707ce084e8727065eda1768852d69b483a0927d301c8cd13542180d535277f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7656 236 KB
63 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10555209917674437644/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10555209917674437644/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Jul 2022 07:49:18 GMT

GET
H3 200 avoury-always-on-970x250.js Show response
s0.2mdn.net/sadbundle/10555209917674437644/ Frame 7656 73 KB
11 KB 64ms
63ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10555209917674437644/avoury-always-on-970x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10555209917674437644/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e617d67e5471222f56210581ed8817a6f881dafaf3ce75fe5a207d1e04651e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10555209917674437644/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 08:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257069
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11340
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 07:48:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jul 2023 08:24:49 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 72DF 236 KB
63 KB 233ms
63ms Script
text/javascript 2a02:26f0:f7::5c7b:e143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:49:18 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Mon, 04 Jul 2022 08:04:18 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/8983349693034261550/ Frame 72DF 153 KB
28 KB 81ms
81ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5cb3973bbcfa74279cbdf1fed6cb8de5cf4188bd0380132d0db0d87326d5b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1774
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28229
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:44 GMT

GET
H3 200 impl_v90.js Show response
www.googletagservices.com/dcm/ Frame 25FB 54 KB
21 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v90.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1005482/61968045/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:76d24cbe-4dec-a29b-d7fa-cecd5db411c7,c:hnMRc8,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-86c8d9dc9d-g7h6t,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:taBptXU+11%7C12%7C13%7C14*.1005482-61968045%7C141%7C142%7C151%7C152%7C16%7C17,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:ce97e2aa-fb6d-11ec-a0c1-06be961ae6bf,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 13:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21331
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 13:29:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3ABB 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvGBgfZvCYp33Doi83gOT4Lf4BwAAAAA4AeAEAg&bg=!iomlic3NAAaLlKKnq5Q7ACkAdvg8Wh9K9Zh2xNsROs4c2RDRXwRtShdOLoClCEMJM2pZBOk-khR5TAIAAACkUgAAAAJoAQeZAtbTMaFC10uxIHbzkremvomaUE3Ixx_bLThMlU0QVwwzFjtXTWcxetgrkliO1ErL04nTdDP16SzDX1hc-Zqk5lkcIk7OyMVaCFMqv70KcI78K5Ax2Kwt4sFYESiVJ5EnO0bmP3_yrWTkxBZctCU9fJATx39O0ZWZiVJxWXdb83gkWh-yiW-dNbZuSFbGlOFm5kBWCg6lrI_fyZU6NslwR1DhgcIlgotHvps0prTWL8tEJevU8_Cb_MZABX5AB2NF1VCb-CJ9aBaHKPD4WJTgxrHlu0uVJLxgqdBolvIAW11MKXVWIGnAXO4f0COkrvcD3pvKFnbyMFvU56vn_j3yTUwVDVqGpx2rg5zjsQwKrStal--rvBPm_NL3OJ4P5phHQEOfrAjw_YSqT9OaNb2oo1qQEGrufYAzbfxsCdmy4hR2YBn4K9DM-9oyH6j-YrY3VV0DtkXoiAqIguxUjsbNbwQQpRxzjddH3tVTZNIGYW_6I_iC7MKstDhcfSf7X9XBBIjM5qcZLtqNOQeDCCCkvNl-eSc_datvAd9jrEZP0n88pdvWrqaI0-iyRtaG-LL-FkPUN3viSeUUfXfqEYQBmp7AlcvmYW8_DywsVzSigOsNs9z2frwuc1ubkdlbEqVHXxiYjuCTPn0oQAep4vLtnQdm8OmlvaI_CDMo6iWw1qCgpFq5TvKQqI-lN3znQAR7MjF9yXaa8inbcm5CNNCWcR81LXjUVRd-DjdNwVhpRe8UMN50Hk-6K5OEkGIB3ps0SzKV8alAQdaWNLXCSpo10GbUE-27yU0IgmuBzQByU6z8CBFO8QypjbzVhBtHQRsmKz9iIsHqqpOkeIVlf7xjt0ho0MV4HqEsmvYsPGlN6sX6BDpPg45YfQdaOPRu6LuLw6Q-K60Bu5-_phbiic9lwxCmZCp6wHnx9Eo2cH8RSO2fs4ty6jiji6aEj5fMW2DBnLUq2pkEEJI

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 25FB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b36dea12c0c29327bda6de8d4debdb53e32eee263ee09921ae06149bf02394aa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 25FB 43 B
215 B 333ms
210ms Image
image/gif 100.20.118.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=76d24cbe-4dec-a29b-d7fa-cecd5db411c7&tv=%7Bc:hnMRi2,time:388,type:e,im:%7Bimprf:%7Bttecl:766,ecd:262,tsecr:8%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:388,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B380~0%5D,as:%5B380~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taBptXU+11%7C12%7C13%7C14*.1005482-61968045%7C141%7C142%7C151%7C152%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8259 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BS_61fZvCYvfALo2f7_UP6qCpiAoAAAAAOAHgBAI&bg=!paalpuLNAAaLlKKnq5Q7ACkAdvg8WuqPSCI_3KYCZBwiYWYeA5Maxx8zdzGP2XTpsZYS9bAglqpsnAIAAACgUgAAAAJoAQcKAHfOvFQ-IcBVJqUKgOaecWyGtpCIv0MAG7cbJbV6n1zyO3SbPTq275_L0EjOZSQ_ZNOcZwV68YmmR80T3TnmxRPpC4v8tFR2pPTcN7w_c-mO77VbKrwgN3OloKeFNEQ2joHf3Tuex5xFix7PeNZSduTzGE_Y4ub9HJkC7KEOuntl-EyXbllIpEreLQANQULkfCHMszN38T84hjbsn_WYF4gENqor0sRBydB8XMHph0AsMpHPiln7BMDLLaeHDfvqlfWO_bd9vB2Qz9L-Pc2C5UJAzO-frfSfKwf1E-YB0UOAwwjKsQlNhiBF_S_L6R1rjCzUtns7MMjFjKujSX_oHbzdTxuGrJFdJS75SrWuy9W3myAEx2WccMsSNVHx3eHdrb9UNoejNm6nnKb6c3oBu421nmhkih3t7D-gNGPYFfeNoGqnefb4HzZQ7GGiGKPEq-0EdzEvoAAwEPB5SOK-S-ZOLcVkSJBw-iDDjFjz2BrMJovxDJo04aj1VyMdifPzFQEY-7wWOcl1wQpSLzlF3i1A4TDVVYoG2hjGsKXodyRSy2kYh56H4SicJ7vt4_sH28dJJk1Y3tWzLG4_EdfIt00SapuNq3dVnkZxOw1tvB9qSizvvvfNspl8tdwNdBuPMLEKZNSBRNd2AG-IurYTJItQpn29oFyLqrjUPRrN7weDzMHCxiaT_CKb_2J4RsSVHgEiSN09h5p86vlMUgSAh-l9CZK4s5aTdeXic7ye1YkSSvvqOGFJTd5TJmyKyEX1oIE3-SLVJ-EOE6R5DTKgudf82QqziQ2N81SQUfPlMCXlmtyhxaVDrzS9VqbvBzdT2xHuRRG63WaMl9gF08hKr7uMQSGXI6r1J8fPlZH5DPYpz_1S8hlxugKy6FROQ57_NXQ_bD7-F9ykGh1RGTg-IKCPwWzGjGoeKmJiaXe2jrfY0cMsohZJZXAf-tI1yFkPq6x5v4UpuHO6kl5KmY9lZRffhzzmXd7W52La6Y7-gkzHySR2dmBDbQRuEXw1bMY0l24E2dSBytBCnuED9e4w-z8pOEoKJPFQF0Y-d_EdbH8IX3uH9RuxoMrSQUxlAE40-CgYfoS_7sjbs0WCzq0HQW2YlNTKTG4wVeyXkhvrlQZkwMXABsX40MqX9pHEtUWeHN1-mCnXwxE

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 avoury_always_on_970x250_atlas_P_1.png
s0.2mdn.net/sadbundle/10555209917674437644/images/ Frame 7656 81 KB
81 KB 56ms
55ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10555209917674437644/images/avoury_always_on_970x250_atlas_P_1.png

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba70139fe73d5cd57c681030e8797726897ab34188d1677896d64a71bd7b569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10555209917674437644/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 08:24:49 GMT
x-content-type-options: nosniff
age: 257069
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82556
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 07:48:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jul 2023 08:24:49 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6EC2 0
26 B 204ms
91ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM9QmPK8za31AVqYcmwesGnqV5Vzyq8fcZZTBBgFmjVH_4p_BflW_Lc_h_MiLvnMKEqtaDMcCGWMlG0RTMvDqEmq07LicSFb1I_G8NXuNtAZOpEoEX4_6kk4pWjwlilEP9iJTuKiyyiqJm-1zRDwrYd6-cCW8d9fY4bz2bQ6d_y4M7VDrRJDvSrc2KNaLSE04f2SdtJUUuyU8U7f4_Nlbo2t0XpzVPbsaPsKIzFcdHH8lqJS5IxF51uwORM0zcUzp6WJ4T9kA_jFSbyMLW_7i_ieYMmeyqcvz6fag52jZTZtY7LjWA7r0-LMBYYkwPV3bxNWnbr-XjARCK9VxWJt9GEX2vMx3nQQCR6rK3yRtB36var6PUrVm9A9Rdhyyv-RmkKH7SYBmHTeznq8tjxk0benUQJBAKvI3AkRNBjsirkvV8sIhwtPaO3d2eiWdGfJBZQJ3aEHHnXpOfTlTnpBkOL1XHKXUqnYLvx4yRJ1AA0PwayzX9Kzjf9N7-5-c380acBgM29D9-gAwvfbVKJC2MMGOdGIjZO6qA0lmtqhe6oD1hqAh7MDhcK6l9UNjk6sD0Zvt1GWaOMALxc4o9jwQDwG-4xEh6Df-E-mAebuys453slpsFJgPy3HfBE8kFwDJteF80KV3lZ5txXCZSK0P53nS-TYOPXnUp9qCTN_8jw1EduaKLDeMmG7zZdJPrzu4riPKYC-4ATcayV3EQal8gTLJoMpjhzauxO_PaR-V7cCYNDbhzLvNw5NKmbOOwuZnVq20NUA1dgR_waDKiMlxFsjgiaf7CtZSXFZxAJCopBgUlW02pdxUecGzbb_JKgDesnnQCTciQ1rUE6zPmACKIP-fOExkJ4ugdY0d7kl0heNP_zKVQMHyImSocKVKn-6-MuTVpXNgkSXGa997rpqwNm76KvIVKw_VGh-g5Qg3-p8jXQWz-03LmcquE_mimdXs5MXn-OfjAyy_XoTzmZyGLkkF6TRFY86GjHAh_Nd_qtn09RGZdtQRnshIw6wJJyJNdPRgmZSsRc5HiYZekW0nUZewDlTlOwf8caluAEbG0en1Ea04DClK1QmEPjyeJUVcJiVPPNXrPpH2WF77ifwn65RprtPXxNJFVlupgY_JVA_sOrPcmaK-28_XKEsQnJdsDRRteQRIhzcVGSod3CbhRwUhXcBWlgjSPrhmb8Yd7jA&sai=AMfl-YTQYUaC8es59WqnL-bQXctDjB11GifOKgZIkOOpG1RBayJ4mwUORmGjy188PnfuqjoivCB3YbJZpOIZ2jEvHmDi7rTp4YAzlNo_q9c3_0pxELGxo7ORkVLTPST91D2PSBMQ9SzyKTCD_uZ03rf3VAyhpem7LFUegjl4jzFo9rrXA2VfTUJAZXU40785qd1gd-VhTV6vRTzlQkjMXrDuuCc6Pk7zjfdDi6cTWVYSjNN0-1SgNI5YKgl5sDA6dOLzzwHFOd7_foMkGkTYOOvSS3Dy3ZmzHGIqzs3SBHzVdRn1vbYnJjNjbx0fUaIqgJv9fz97E9gXYkZh8RpByyAsQeGgWp7qsYCXFN91galj7YfV0QXANaPdGxj9EZZjvloOqd_aGm3r62Wc-4E4IYoMCA&sig=Cg0ArKJSzFV0JUsBloH2EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=734&vt=11&dtpt=352&dett=3&cstd=378&cisv=r20220629.94472&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 07:49:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 avoury_always_on_970x250_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/10555209917674437644/images/ Frame 7656 154 KB
154 KB 56ms
55ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10555209917674437644/images/avoury_always_on_970x250_atlas_NP_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

117930af4d73e013f1631b5133d4ac6a33d74766ad52ef25461eb413922ee50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10555209917674437644/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 08:24:49 GMT
x-content-type-options: nosniff
age: 257069
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157412
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 07:48:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jul 2023 08:24:49 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 25FB 43 B
215 B 371ms
371ms Image
image/gif 100.20.118.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=76d24cbe-4dec-a29b-d7fa-cecd5db411c7&tv=%7Bc:hnMRkH,pingTime:-10,time:553,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1656920958631%7C%7Cf0e571d41511ddd1f40679dd2232f081%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C0a548ca5f8321609a99a74c3e450e4f7%7C%7Ce839de6bb4c57bcb1133d0b87e7b4d06%7C%7C3ec0694aa36ea760b2bcc889ffe588dd%7C%7Cd4d0d37860c654b2ef87a4ad1140e2eb%7C%7C1f94702fd875ca20eed2a30334f826f1%7C%7C1629390669,im:%7Bpci:%7Btdr:517%7D%7D%7D
Requested by: Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:18 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Brush01.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 2 KB
2 KB 64ms
63ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Brush01.jpg

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101e85d7c5d9f83207fa16727c99947736b6f582f43970c4f479c50b280aad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:45 GMT
x-content-type-options: nosniff
age: 1773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2312
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:45 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 25FB 0
26 B 89ms
89ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgw1H2A7X-N0zZeRknsRivyORGW71yrHoUooR1F4JSsYzw9_ER2vUKSbRMrS3vl8CoxCZjBg6gynACzEjgu0Q_wsWeONP5Qdtv7YzddtnOOIfvreW04LFtmu6e55l8jAd_68M&sai=AMfl-YTQ0YWCBOwvhCgluK1_OWkm2yGJoAtI3o6kEHyopK6JNG0LfUOqhVh2fLZF3WPEYdcqKj_6eYVRNEMZy0r04cV9F2gs6ozepc6tAB67nxJlEUkunDeefiCZRvHJLnw&sig=Cg0ArKJSzMAPygTe7VlWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=791&vt=11&dtpt=488&dett=3&cstd=301&cisv=r20220629.45223&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 07:49:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Brush02.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 2 KB
2 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Brush02.jpg

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14e76607f32a4936efaffced3ce6d74d65bc710a880f62f291888d99596c0197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:46 GMT
x-content-type-options: nosniff
age: 1772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2255
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:46 GMT

GET
H3 200 Brush03.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 2 KB
2 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Brush03.jpg

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84dce02db0d21f11aa5ed7434db9e9846a34976fbf2dab81eb414f423e42845d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:46 GMT
x-content-type-options: nosniff
age: 1772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2149
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:46 GMT

GET
H3 200 Debrisfield.png
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 3 KB
3 KB 56ms
56ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Debrisfield.png

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a539307feececaa1d9e7c3c64309775fba011c2f6f11040f8ec73d53b1c086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:46 GMT
x-content-type-options: nosniff
age: 1772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2764
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:46 GMT

GET
H3 200 Dust03.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 5 KB
5 KB 85ms
85ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Dust03.jpg

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f744b349a8dfe361caf1bae49437361d028b7c2b918b164283adf3e9dde51b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:46 GMT
x-content-type-options: nosniff
age: 1772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5210
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:46 GMT

GET
H3 200 Dust04.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 23 KB
23 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Dust04.jpg

Requested by

Host: 0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
URL: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe627cdc131b0123585e4232c1bbc3c04b968627237b96d310a9ee437488215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:47 GMT
x-content-type-options: nosniff
age: 1772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23181
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:47 GMT

GET
H3 200 Dust05.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 33 KB
33 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Dust05.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b779a14bb71a7d52a740420015e1d19f22eaa4acd27eff4bfc4b0e81d69d41f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:47 GMT
x-content-type-options: nosniff
age: 1772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33987
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:47 GMT

GET
H3 200 End_Image.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 10 KB
10 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/End_Image.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af5a3629d96ac19a7877ce66b2a5a9401faa2bc9a98fbc3dcca8b1d7454f40e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:47 GMT
x-content-type-options: nosniff
age: 1772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10210
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:47 GMT

GET
H3 200 laser.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 3 KB
3 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/laser.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55bab0aa112d20d4fdeea05d9d87cbc80400449ec1205c2e4495127b363d95e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:47 GMT
x-content-type-options: nosniff
age: 1772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2783
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:47 GMT

GET
H3 200 Nasty1.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 2 KB
2 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Nasty1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7a204ebc565cba44972bbebf23b06165a5e2fd57d16d0772b7b01151dc50a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:47 GMT
x-content-type-options: nosniff
age: 1772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2306
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:47 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6EC2 42 B
64 B 199ms
89ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6-CBAquY5ifcYtchkQE0Xnezk-mLJ3wHvD2AU_NmpURMvL6fb_Zfx-DTgUjkcrgmCHbpYQQB5DDxNx19eC_ZKWXGWCX5MVlniEg0vgw1y-2c79e4Q3-vfp1XMC3wbWA7RItwk2kk&sai=AMfl-YQV65KPhQNMDjzAEE7CtkcJOH8O57MwEFG12TzbeiH7JEQcA0kIejEUreveegnJzF4aieuCWb3RaBJ8n-A0EWIZrbn23ARgUOdwQZslt5rJk0PKrWVi-pKnK5PTJiL_&sig=Cg0ArKJSzEYWeTEQGE0KEAE&cid=CAASKORoh4fS-PzwgTqnGCxyp_4uwUhRr5GL6WwboqZWnLqj3-Glzu3o3Rs&id=lidar2&mcvt=1000&p=931,204,1181,1174&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2483578089&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656920957689&rpt=530&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Nasty2.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 2 KB
2 KB 57ms
57ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Nasty2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecd8db3874142ac40ea4d77a8db2cf76a57b390b1d15532beeb5eb3139b10d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:20:06 GMT
x-content-type-options: nosniff
age: 1753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2230
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:20:06 GMT

GET
H3 200 Nasty3.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 2 KB
2 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Nasty3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe22788c984fe7f3de48c7f9bf807f6c74ad466c3ab21e5202e69d2723cd0b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:48 GMT
x-content-type-options: nosniff
age: 1771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2156
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:48 GMT

GET
H3 200 Nasty4.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 3 KB
3 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Nasty4.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34d1bd7b120cda27d7dda3ebc28d68e8311b9e7d150ea2039f64344d848dfd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:48 GMT
x-content-type-options: nosniff
age: 1771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2743
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:48 GMT

GET
H3 200 Product.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 5 KB
5 KB 57ms
57ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Product.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af819deb3a2e5e45bb5f776f55e3a95c0a221ce81b9eba3b949c270e8bdaddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:49 GMT
x-content-type-options: nosniff
age: 1770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5352
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:49 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 25FB 42 B
64 B 90ms
90ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssA9pple-ciIvUbDAbULORFAPLLx1K1v3tnNHl7Ao06Y4bxb7V9VWOjk79QZwqUk3FUgFAKIJqFy85itw31CH5jKw6BjAoJgOELO4nshkOO8q7J9ZtnhdZJf9Ju62YVwWhCN11DWjM&sai=AMfl-YTOlOBt8WPy7n38wXOd_6s17EiB9Foius5l2iIIo-oBCfxSILX3OIx4B38Od4Af8-AlWZ7Be2w3Xb1l4-EvtisyU41erf_n6M12wY2EjMoApGzB0EZWDxzJmdqsUXE&sig=Cg0ArKJSzOyImR1XXkgtEAE&cid=CAASJ-Rojby07U2yy4kXE69XePE8qWGxtGa_TEDgD1h39BkIvH6ykfjMrA&id=lidar2&mcvt=1000&p=228,1092,478,1392&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=978356717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656920957423&rpt=1033&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Product_Head.jpg
s0.2mdn.net/sadbundle/8983349693034261550/images/ Frame 72DF 10 KB
10 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8983349693034261550/images/Product_Head.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bb1fd7097e41eaf1bc03a1aa81b614b685915a4dd7ad01a073c4d76c3225ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8983349693034261550/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:19:51 GMT
x-content-type-options: nosniff
age: 1768
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10489
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:18:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 07:19:51 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 321ms
63ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 04 Jul 2022 07:49:19 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1232
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=SqRukHxncGVBdkZPMTQrMDdxYlJXQ2gvK3BtUmpMd3ZQQVdtbmY1Q3MwaHdIT2hPUWpBRk9vbmlHc1BMWTh4N1NKU2czZDAyY3pkbEI4aWhhMnZUa2lUd2QrdU1xVnpoWXpVMWNiRUNvaXZoWHBiTmxDZmxUNitTVERvTD...

321 B
597 B

170ms
58ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=SqRukHxncGVBdkZPMTQrMDdxYlJXQ2gvK3BtUmpMd3ZQQVdtbmY1Q3MwaHdIT2hPUWpBRk9vbmlHc1BMWTh4N1NKU2czZDAyY3pkbEI4aWhhMnZUa2lUd2QrdU1xVnpoWXpVMWNiRUNvaXZoWHBiTmxDZmxUNitTVERvTDRCWE9rZGExUVkxd1JlUHVRYUVpWGo1YmRnSzJ1eHpNWlJoQ0x3WTN1QXV6amRGT1VQNGNuZHVDekh3RjdsNE5GZ2poQ0JGRGdCRnRxdHNrc01RbFdsdmJKTkloTnI4dGRMNWhVOEFpd0pmQjVIU1dQVUNFPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6782938a156ad32c83b2ddf17ac84921a1b4f33d0ce903dd8b5721bce989a1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:20 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2388
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:20 GMT
location: https://mug.criteo.com/sid?cpp=SqRukHxncGVBdkZPMTQrMDdxYlJXQ2gvK3BtUmpMd3ZQQVdtbmY1Q3MwaHdIT2hPUWpBRk9vbmlHc1BMWTh4N1NKU2czZDAyY3pkbEI4aWhhMnZUa2lUd2QrdU1xVnpoWXpVMWNiRUNvaXZoWHBiTmxDZmxUNitTVERvTDRCWE9rZGExUVkxd1JlUHVRYUVpWGo1YmRnSzJ1eHpNWlJoQ0x3WTN1QXV6amRGT1VQNGNuZHVDekh3RjdsNE5GZ2poQ0JGRGdCRnRxdHNrc01RbFdsdmJKTkloTnI4dGRMNWhVOEFpd0pmQjVIU1dQVUNFPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1508
content-length: 482
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
614 B 191ms
61ms XHR
application/json 141.95.98.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460255/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.70 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216620.ip-141-95-98.eu

Software

Resource Hash

4aa8fe78f9b76079cf387cb1f14e410ce3296c0ab17332ed56203ef4c69d6b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Mon, 04 Jul 2022 07:49:20 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 25FB 43 B
215 B 208ms
207ms Image
image/gif 100.20.118.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=76d24cbe-4dec-a29b-d7fa-cecd5db411c7&tv=%7Bc:hnMRQr,pingTime:1,time:2522,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D,%7Bpiv:100,vs:i,r:,t:1519%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:1519,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1511~0,0~100%5D,as:%5B1511~300.250%5D%7D%7D,%7Bsl:i,t:1519,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:374,fm:taBptXU+11%7C12%7C13%7C14*.1005482-61968045%7C141%7C142%7C151%7C152%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:20 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 25FB 43 B
215 B 207ms
207ms Image
image/gif 100.20.118.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=76d24cbe-4dec-a29b-d7fa-cecd5db411c7&tv=%7Bc:hnMRQs,pingTime:1,time:2522,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D,%7Bpiv:100,vs:i,r:,t:1519%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:1519,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1511~0,0~100%5D,as:%5B1511~300.250%5D%7D%7D,%7Bsl:i,t:1519,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:374,fm:taBptXU+11%7C12%7C13%7C14*.1005482-61968045%7C141%7C142%7C151%7C152%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 07:49:20 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 212ms
63ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 04 Jul 2022 07:49:20 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1189
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: leokross.com
URL: https://leokross.com/vAW/aGeq.js

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vsim.ua/	1970-01-20 04:15:21	Name: Value: undefined
vsim.ua/	1970-01-20 04:15:21	Name: browser_id Value: e8e055f0-a27c-4e00-bb7c-6986842793c5
vsim.ua/	1970-01-20 04:15:21	Name: remp_session_id Value: 7c1854b0-a427-4314-a44f-e176adf40b29
vsim.ua/	1970-01-20 21:46:32	Name: GN_USER_ID_KEY Value: 29221e88-27e9-43d2-9e00-d88ddf96ad57
vsim.ua/	1970-01-20 04:15:22	Name: GN_SESSION_ID_KEY Value: 8ac6c88d-f830-477c-8d2f-a45ed3f3ed24
.vsim.ua/	1970-01-20 04:15:24	Name: AMP_TOKEN Value: %24NOT_FOUND
.vsim.ua/	1970-01-20 04:16:47	Name: _gid Value: GA1.2.725708540.1656920957
.vsim.ua/	1970-01-20 04:15:21	Name: _gat Value: 1
.vsim.ua/	1970-01-20 06:24:56	Name: _fbp Value: fb.1.1656920956705.2011766573
.vsim.ua/	1970-01-20 21:46:32	Name: _ga_0CS1NTGGLB Value: GS1.1.1656920956.1.0.1656920956.60
.vsim.ua/	1970-01-20 21:46:32	Name: _ga Value: GA1.1.1509110726.1656920957
.vsim.ua/	1970-01-20 04:15:22	Name: __cf_bm Value: Q76gAvg8HrNYywVi33YJ_uOxq.N6JLf1CCHnqmfW4Cg-1656920956-0-ASo0m3QYcMZMFzL55I/6qHFepZrwKluJjTqil1xgsdBHCSsRpMrSPjz3ngoruXA8uqLBM+CdKnq5UuwmmuHM3L3X0tsOYsly5clxlykroJ7YjQKQLNQOZfLEBhIDLA7kAg==
vsim.ua/	1970-01-20 04:58:32	Name: _pbjs_userid_consent_data Value: 3524755945110770
.vsim.ua/	1970-01-20 13:00:56	Name: _pubcid Value: e2aed882-bfda-4d0e-a889-54219c2e0e5d
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-22 17:34:32	Name: E Value: AHA8m1f2BVVFe0z0
.adnxs.com/	1970-01-20 06:24:56	Name: icu Value: ChgIq9pcEAoYASABKAEw_baKlgY4AUABSAEQ_baKlgYYAA..
.adnxs.com/	1970-01-20 06:24:56	Name: uuid2 Value: 5223968340286633430
.vsim.ua/	1970-01-20 13:36:56	Name: __gads Value: ID=dd91effa2615adb3-22683481c5cd0059:T=1656920957:S=ALNI_MZy4Qtbs3iAT7FDFn0y4XyZr0vUaw
.doubleclick.net/	1970-01-20 13:36:56	Name: IDE Value: AHWqTUnzEC4nBD5qNJTjfInttFv532KrfiLfWVo1V5rIPUVmx-X4pK82isDY0GiZ4uI
.casalemedia.com/	1970-01-20 06:24:56	Name: CMPS Value: 642
.adnxs.com/	1970-01-20 06:24:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In8rCFMo!]tbPl1M>e)ZlrFUfJ+tGXxo3G1-snMWyttKI0FORkVf>^gyz`c?1P$C1:JSbpRzqF1`b`qm?XyR
.casalemedia.com/	1970-01-20 13:00:56	Name: CMID Value: YsKbfQl2gDOnvIMc8Ci80QAA
.casalemedia.com/	1970-01-20 06:24:56	Name: CMPRO Value: 642
.casalemedia.com/	1970-01-20 06:24:56	Name: CMTS Value: 4447
.vsim.ua/	1970-01-20 13:36:56	Name: cto_bundle Value: Y1i2rV9WWldIOURRbHZmMnE2RlhQajVkaGVqJTJGdG40TCUyQkpVTGFIbGJFQ28xSVE5OWsxdjRISHU3WVdYeFVTbk91UkN3Umt1ZlBxcUhhNnVqaE81VjVuZURkcXdzSzNqZ2FQeDZjeU5rMUQ4Z05tWUElM0Q
.vsim.ua/	1970-01-20 13:36:56	Name: cto_bidid Value: SPJKzV9hWVR5bXlqTnpJaUk0QVVUQXc2SUZVMzZsdmUlMkZtdWNiaXpxblFDJTJGd25CUlJkT0FBUjg0VFpqUzdmS3RlZUg2dXFXMzVwdUwlMkJjdE12bktON1RaTElBUSUzRCUzRA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://vsim.ua/ Message: The resource https://connect.facebook.net/uk_UA/sdk.js#xfbml=1&version=v12.0&appId=178301089580185&autoLogAppEvents=1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://vsim.ua/ Message: The resource https://accounts.google.com/gsi/client was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0889daf9930fc3496f32c5c59993377a.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
ampcid.google.com
ampcid.google.de
api.gravitec.media
bid.g.doubleclick.net
cdn.gravitec.media
cdn.gravitec.net
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id5-sync.com
leokross.com
mug.criteo.com
pagead2.googlesyndication.com
pbjs.e-planning.net
player.adtelligent.com
prebid-eu.creativecdn.com
region1.analytics.google.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tracker_beam.20minut.ua
unpkg.com
vsim.ua
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
leokross.com
100.20.118.155
104.18.18.126
104.18.19.126
141.95.98.70
142.250.186.34
142.250.74.194
172.217.18.2
178.250.0.157
185.184.8.90
185.33.220.244
185.64.189.112
2001:4860:4802:34::36
2600:9000:223f:7c00:8:48e:53c0:93a1
2606:4700:3035::6815:3aed
2606:4700::6810:7daf
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:828::200d
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c08::9b
2a02:2638:1::13
2a02:26f0:f7::5c7b:e143
2a02:6ea0:c700::11
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a0c:5c81:5142::2
31.41.216.82
34.98.64.218
35.214.184.209
45.133.44.3
45.133.44.4
5.178.65.246
54.246.237.93
66.102.1.155
03b1039371300c82aebdd55114bc5d1a49a19f5b2b0ae25dff3dc0c90acc9073
087afccd6c529e8c66aaec7f26a26ede8a95bb869d3441fbfe53057022f84488
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
117930af4d73e013f1631b5133d4ac6a33d74766ad52ef25461eb413922ee50f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14e76607f32a4936efaffced3ce6d74d65bc710a880f62f291888d99596c0197
1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935
2101e85d7c5d9f83207fa16727c99947736b6f582f43970c4f479c50b280aad5
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26a0d3354b220c1f290f6b0a1f14a5b28fa1fcbe14c744a4dccd9d4017e62283
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2973ed089940b9f773dae37e3f3da020dedeb524637eeee71d6284ab54175a9f
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2a9d480de15ac30a5ab043e16f3239f66dfaec88bad49dad9c5cc5f43ddcdbac
2d30de7cd63dc0149edcef088e0682c3d9846240c6f5d7015049273d840211c5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a
30015300955352764840758227634ade8cc98299ccadc46cf9f3f6681385a756
34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa
34d1bd7b120cda27d7dda3ebc28d68e8311b9e7d150ea2039f64344d848dfd92
359793ee46fbdf7a9782612719c4a08dbc83704fa3f2326e5b4d9eebb6fd9ba0
364f1071fc95b34e41d1e1438b6d4fc09eb04f4012367dca693aff23eb9d3682
3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721
3f744b349a8dfe361caf1bae49437361d028b7c2b918b164283adf3e9dde51b6
474613e4fcf690ca5f1f6f8710dcebefbed470ae5b2a40178942ca6659532023
480189e99d25834e42169286716e9050ae34d2f09f0fe03425ec6911fed89e60
4974ffef2715fc94144d9e0ae396e59d6c2e43360a91dd878257ca982abb75f2
4a21e1ff2d5aaea3222780ac7f5a19c8b9ba063080039392cc7feb6c415335ab
4aa8fe78f9b76079cf387cb1f14e410ce3296c0ab17332ed56203ef4c69d6b25
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb1fd7097e41eaf1bc03a1aa81b614b685915a4dd7ad01a073c4d76c3225ef1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55bab0aa112d20d4fdeea05d9d87cbc80400449ec1205c2e4495127b363d95e2
57db35b5a7ecf550145de3105d175c51162ebad9a69b1851dd95f528cf39706e
597edf23911b6aa17adf7d12922291752f54044cac6e16ba005f5b6481ca43ce
5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6
5efe7dc11640f7e746c7bafcd22b55081d81fb09f2fa9a935d16ee10356161c7
5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b
6674a5264a5bfd679b6c8c69ef5b6075292361d0842bbcb57a772590e6640bd7
6782938a156ad32c83b2ddf17ac84921a1b4f33d0ce903dd8b5721bce989a1d6
67a539307feececaa1d9e7c3c64309775fba011c2f6f11040f8ec73d53b1c086
67c3bc4247579dcae07ffa7cd71365ac96ceb3d5d8bfa911a1eefa60f1752310
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c09765834b837729cdca7d9fb46cf11c6d86920927f8102cdc485c2c1aaf415
6ef2c296a72cbb15b161d88e05edd088c36c011f5bde3b1eb5fbcafaa675d4a2
6f5737160f8a1f843e9d9e9f3fa4cf1e1b1484902ad0607b450031c4f83bcaaf
74e617d67e5471222f56210581ed8817a6f881dafaf3ce75fe5a207d1e04651e
79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7b779a14bb71a7d52a740420015e1d19f22eaa4acd27eff4bfc4b0e81d69d41f
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f4d43251a549e2ce1324d69609aa0be99dc192804cfca4b33ee687ce9fbf833
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84dce02db0d21f11aa5ed7434db9e9846a34976fbf2dab81eb414f423e42845d
88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c1ffd5a308175b2ea062bb17f11af0668d67d3bf3c5706b7608deddda55e775
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695
9311521ffa7cd856efa2bb5765a1ec07dba345a7f6ad47e165de317a57d0ce7f
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971
97af4af601bb73135434b5741f31acedbd9906ecf6a142532ae975e2ad60ccdb
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a4ef8dc360c1ac8531ecfd1e484b03dcbeaff0db74222f9460321c5fcc1f4c2
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6
9af819deb3a2e5e45bb5f776f55e3a95c0a221ce81b9eba3b949c270e8bdaddc
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04bb9dca5b8df66fc2d7031e9e4745a9774a62954a04e500f464c0b9dc90703
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
a8fad7ea6d56c85bc473f0091aa9870e4a7db6609c037eac826ed00c68ea3fb3
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef231caad9876f19aba7e2abc99353c2a2f45b4fee982fd2ca7edc59978a8f4
af5a3629d96ac19a7877ce66b2a5a9401faa2bc9a98fbc3dcca8b1d7454f40e5
af887587cd5d30d70b1741dc611e40eeb175babdbdcffaa98af0e85145368e69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36dea12c0c29327bda6de8d4debdb53e32eee263ee09921ae06149bf02394aa
b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e
b7d69624ffb7783cb60807807da680a538de64f4dfc5d30646939c07c06d3c5b
b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30
b967236d04ad2019b6f85ab11bf984bc483742c109b4004a9146fbb77cd3ba05
bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1
be907fa5f12c4ae1cd2c268fb2b7e08dcdb7de2e5329c86fb13ba647647e8f44
bf3151eb02230f6f505658b2df91cb14159810f9e4a083ce21920b76297a7989
c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762
c20f3f672fcf706162694c9262161ca092545471688d9be8d2e2625c048142e8
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb707ce084e8727065eda1768852d69b483a0927d301c8cd13542180d535277f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
da00dad1dfa8a349f002e647b3c7184d8600dcad707b5f3d776fac173fdb230d
dbd991c12551f95524a9ca44db10706d942e698b9ef56d6111fe568c5cf193ef
dc7af18db76dbac94742104e73bc6d2c28d57617b2e8259717eb7f5f337e3352
dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8
dfe627cdc131b0123585e4232c1bbc3c04b968627237b96d310a9ee437488215
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e44312ae785ffc6912382dd05d05ffc148624b01b08f3a5b58807de53d77fc44
e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1
e7a204ebc565cba44972bbebf23b06165a5e2fd57d16d0772b7b01151dc50a27
e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7
e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8
eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571
eba70139fe73d5cd57c681030e8797726897ab34188d1677896d64a71bd7b569
eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a
ecd8db3874142ac40ea4d77a8db2cf76a57b390b1d15532beeb5eb3139b10d0d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5b84e517af23750b86db72413847bbded528860976c4b4b3ceeb83aa5e99ea6
f5cb3973bbcfa74279cbdf1fed6cb8de5cf4188bd0380132d0db0d87326d5b85
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
f9afc63e1f6971e98c7c718f07b5232ff5dc83f25defea565f81db8e6dc65232
fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0
fa87983e1b443a19e20422d823c6c5965a27cea671a6d29658aed7e7a35c6f3f
fe22788c984fe7f3de48c7f9bf807f6c74ad466c3ab21e5202e69d2723cd0b14

vsim.ua Open in urlscan Pro 2606:4700:3035::6815:3aed Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

93 %HTTPS

59 %IPv6

29 Domains

49 Subdomains

47 IPs

9 Countries

2703 kBTransfer

7650 kBSize

27 Cookies

14 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vsim.ua Open in urlscan Pro
2606:4700:3035::6815:3aed Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

93 %
HTTPS

59 %
IPv6

29
Domains

49
Subdomains

47
IPs

9
Countries

2703 kB
Transfer

7650 kB
Size

27
Cookies

175 HTTP transactions
3 data transactions