subject.com.ua Open in urlscan Pro
31.131.26.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://subject.com.ua/
Effective URL:
https://subject.com.ua/
Submission: On October 05 via api (October 5th 2022, 2:41:31 am UTC) from GB — Scanned from GB

Summary HTTP 471 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 79 IPs in 16 countries across 72 domains to perform 471 HTTP transactions. The main IP is 31.131.26.2, located in Ukraine and belongs to VPS-UA-AS, UA. The main domain is subject.com.ua. The Cisco Umbrella rank of the primary domain is 951150.
TLS certificate: Issued by R3 on August 11th 2022. Valid for: 3 months.

This is the only time subject.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	31.131.26.2 31.131.26.2	56851 (VPS-UA-AS) (VPS-UA-AS)
1	2600:9000:20d... 2600:9000:20d9:8800:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	51.91.60.38 51.91.60.38	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:bc00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a03:90c0:e1:... 2a03:90c0:e1:2801::254	199524 (GCORE) (GCORE)
6	2606:4700:e0:... 2606:4700:e0::ac40:6903	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 12	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
7	54.39.16.115 54.39.16.115	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	99.86.4.86 99.86.4.86	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
6	198.47.127.22 198.47.127.22	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
8 15	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2 8	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
11	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
10	18.194.202.243 18.194.202.243	16509 (AMAZON-02) (AMAZON-02)
41	2606:4700:10:... 2606:4700:10::ac43:2ac9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
4 10	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
7	148.251.121.152 148.251.121.152	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
4	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:400d:80e::2006	15169 (GOOGLE) (GOOGLE)
1	18.196.233.38 18.196.233.38	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
15	51.79.20.94 51.79.20.94	16276 (OVH) (OVH)
12	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7 12	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 26	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.49.50.17 52.49.50.17	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	3.231.251.159 3.231.251.159	14618 (AMAZON-AES) (AMAZON-AES)
1 7	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	18.158.8.202 18.158.8.202	16509 (AMAZON-02) (AMAZON-02)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.138.7.31 108.138.7.31	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:214... 2600:9000:214f:6800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:1ac... 2600:1f18:1aca:4280:e955:3e30:9d62:70ae	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
5	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
10	2.18.168.202 2.18.168.202	16625 (AKAMAI-AS) (AKAMAI-AS)
2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
12 12	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
5 5	3.122.40.23 3.122.40.23	16509 (AMAZON-02) (AMAZON-02)
1 1	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
5	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
5	2600:9000:211... 2600:9000:211a:dc00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
9 9	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
7 12	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
5	52.29.139.35 52.29.139.35	16509 (AMAZON-02) (AMAZON-02)
5 5	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
15 15	34.227.131.62 34.227.131.62	14618 (AMAZON-AES) (AMAZON-AES)
3 3	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
8	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
10	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
5	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 4	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
3	2a05:d018:d29... 2a05:d018:d29:3605:c283:2fe6:5625:9484	16509 (AMAZON-02) (AMAZON-02)
4 4	3.123.174.3 3.123.174.3	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	72.251.241.204 72.251.241.204	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
3	54.194.213.220 54.194.213.220	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	52.213.169.38 52.213.169.38	16509 (AMAZON-02) (AMAZON-02)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	34.111.151.213 34.111.151.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6813:ac6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.122.84.171 3.122.84.171	16509 (AMAZON-02) (AMAZON-02)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
471	79

4 31.131.26.2 (Ukraine) 1 redirects

ASN56851 (VPS-UA-AS, UA)
PTR: valerym.sv

subject.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d9:8800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.91.60.38 (France)

ASN16276 (OVH, FR)

tag.eu.dev2pub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.eu.dev2pub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:bc00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:90c0:e1:2801::254 (Prague, Czech Republic)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e0::ac40:6903 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.39.16.115 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns555277.ip-54-39-16.net

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-86.fra6.r.cloudfront.net

optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.252.173.215 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 147.75.85.234 (Schiphol, Netherlands) 2 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.194.202.243 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-202-243.eu-central-1.compute.amazonaws.com

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a-prebid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.157.4.23 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 148.251.121.152 (Braunlage, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: egon

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:400d:80e::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com

stat.optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 51.79.20.94 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns566706.ip-51-79-20.net

h5.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.34 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.50.17 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-50-17.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.231.251.159 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-251-159.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-31.fra56.r.cloudfront.net

a.svtrd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:6800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:1aca:4280:e955:3e30:9d62:70ae (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.168.202 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-168-202.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.126.56.137 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.122.40.23 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-40-23.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:211a:dc00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.42.196.115 (Luxembourg) 9 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.52.2.30 (United States) 7 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.29.139.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-139-35.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.228.23 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.227.131.62 (Ashburn, United States) 15 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-131-62.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.166.1.12 (United States) 3 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.96.145.246 (Vienna, Austria) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.44 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3605:c283:2fe6:5625:9484 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.123.174.3 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-174-3.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.213.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-213-220.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.169.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-169-38.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (Lovettsville, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.84.171 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-84-171.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com	542 KB
42	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 171 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390 cm.g.doubleclick.net — Cisco Umbrella Rank: 304	346 KB
41	quantumdex.io useast.quantumdex.io — Cisco Umbrella Rank: 10609 sync.quantumdex.io — Cisco Umbrella Rank: 7123	8 KB
34	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 703 dsum.casalemedia.com — Cisco Umbrella Rank: 2347	27 KB
28	vdo.ai a.vdo.ai — Cisco Umbrella Rank: 21620 analytics.vdo.ai — Cisco Umbrella Rank: 18830 targeting.vdo.ai — Cisco Umbrella Rank: 24020 h5.vdo.ai — Cisco Umbrella Rank: 25753	3 MB
23	rubiconproject.com 6 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 493 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1345 eus.rubiconproject.com — Cisco Umbrella Rank: 861 token.rubiconproject.com — Cisco Umbrella Rank: 1067 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1264	55 KB
22	adnxs.com 10 redirects ib.adnxs.com — Cisco Umbrella Rank: 334 acdn.adnxs.com — Cisco Umbrella Rank: 885 secure.adnxs.com — Cisco Umbrella Rank: 707	103 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	262 KB
18	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 718 image6.pubmatic.com — Cisco Umbrella Rank: 915 ads.pubmatic.com — Cisco Umbrella Rank: 728	59 KB
17	google.com 3 redirects cse.google.com — Cisco Umbrella Rank: 4429 www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 136 clients1.google.com — Cisco Umbrella Rank: 475	171 KB
15	disqus.com 15 redirects ssp.disqus.com — Cisco Umbrella Rank: 2992	5 KB
15	yahoo.com 12 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 432 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 735	4 KB
14	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1080	2 KB
12	lijit.com 7 redirects ap.lijit.com — Cisco Umbrella Rank: 869 ce.lijit.com — Cisco Umbrella Rank: 1406	9 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 311	244 KB
12	adform.net 6 redirects adx.adform.net — Cisco Umbrella Rank: 3070 c1.adform.net — Cisco Umbrella Rank: 989 cm.adform.net — Cisco Umbrella Rank: 2140	5 KB
11	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 10092	2 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1153 static.adsafeprotected.com — Cisco Umbrella Rank: 828 dt.adsafeprotected.com — Cisco Umbrella Rank: 768	96 KB
10	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 844 gum.criteo.com — Cisco Umbrella Rank: 486 mug.criteo.com — Cisco Umbrella Rank: 1859	3 KB
10	vidoomy.com d.vidoomy.com — Cisco Umbrella Rank: 8128 a-prebid.vidoomy.com — Cisco Umbrella Rank: 12713 a.vidoomy.com — Cisco Umbrella Rank: 9851	3 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
9	betweendigital.com 9 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2616	6 KB
8	a-mo.net 2 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1451	830 B
7	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 9227	9 KB
6	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 642	6 KB
6	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5797	1 KB
6	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 456 www.googleapis.com — Cisco Umbrella Rank: 61 fonts.googleapis.com — Cisco Umbrella Rank: 118	351 KB
5	unrulymedia.com usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 4804
5	media.net 5 redirects hbx.media.net — Cisco Umbrella Rank: 2097	2 KB
5	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 820	171 B
5	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1009	1 KB
5	wpcdn.pl std.wpcdn.pl — Cisco Umbrella Rank: 11030	81 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 430	3 KB
5	consensu.org optad360.mgr.consensu.org — Cisco Umbrella Rank: 37289 stat.optad360.mgr.consensu.org — Cisco Umbrella Rank: 891258	238 KB
5	admixer.net 1 redirects cdn.admixer.net — Cisco Umbrella Rank: 37698 inv-nets.admixer.net — Cisco Umbrella Rank: 3507	85 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 1306	3 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 427	3 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	43 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	176 KB
4	dev2pub.com tag.eu.dev2pub.com — Cisco Umbrella Rank: 163627 api.eu.dev2pub.com — Cisco Umbrella Rank: 141224	585 KB
4	subject.com.ua 1 redirects subject.com.ua — Cisco Umbrella Rank: 951150	34 KB
3	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 833	1 KB
3	sonobi.com 3 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1512	3 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 463	917 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	26 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 3758 www.google.co.uk — Cisco Umbrella Rank: 2523	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	125 KB
3	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 35386 get.optad360.io — Cisco Umbrella Rank: 23100	286 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 6371	1 KB
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 1227	1 KB
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1257	850 B
2	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 2380	816 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 723	1 KB
2	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 941	382 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1522	457 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1076	945 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 789	58 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 90	53 KB
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 23393	269 B
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 1351	131 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1440	623 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 827	309 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 3236	350 B
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 2343	181 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 683	505 B
1	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 930	177 B
1	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 4640	181 B
1	svtrd.com a.svtrd.com — Cisco Umbrella Rank: 38511	2 KB
1	emxdgt.com cs.emxdgt.com — Cisco Umbrella Rank: 1403	55 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 3105	710 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 492	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	645 B
471	72

	Domain	Requested by
35	sync.quantumdex.io	get.optad360.io sync.quantumdex.io ssum-sec.casalemedia.com
27	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com subject.com.ua 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
22	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
22	pagead2.googlesyndication.com	subject.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com www.googletagservices.com
20	s0.2mdn.net	googleads.g.doubleclick.net imasdk.googleapis.com subject.com.ua s0.2mdn.net
15	ssp.disqus.com	15 redirects
15	h5.vdo.ai	subject.com.ua a.vdo.ai
15	ib.adnxs.com	8 redirects get.optad360.io googleads.g.doubleclick.net
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net subject.com.ua 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
14	onetag-sys.com	get.optad360.io sync.quantumdex.io
12	ups.analytics.yahoo.com	12 redirects
12	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
12	cdn.ampproject.org	securepubads.g.doubleclick.net cdn.ampproject.org
12	www.google.com	3 redirects cse.google.com www.google.com subject.com.ua 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com tpc.googlesyndication.com
11	ssp.wp.pl	get.optad360.io
10	eus.rubiconproject.com	sync.quantumdex.io eus.rubiconproject.com
10	ads.pubmatic.com	get.optad360.io sync.quantumdex.io
10	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net subject.com.ua
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com subject.com.ua
9	ads.betweendigital.com	9 redirects
8	ssum-sec.casalemedia.com	sync.quantumdex.io ssum-sec.casalemedia.com
8	prebid.a-mo.net	2 redirects get.optad360.io
7	ce.lijit.com	7 redirects
7	rtb.adxpremium.services	get.optad360.io
7	analytics.vdo.ai	a.vdo.ai
6	dt.adsafeprotected.com	9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
6	id5-sync.com	9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com sync.quantumdex.io
6	adx.adform.net	get.optad360.io
6	prebid-eu.creativecdn.com	get.optad360.io
6	bidder.criteo.com	get.optad360.io
6	useast.quantumdex.io	get.optad360.io
6	d.vidoomy.com	get.optad360.io
6	hbopenbid.pubmatic.com	get.optad360.io
5	token.rubiconproject.com	sync.quantumdex.io eus.rubiconproject.com
5	usermatch.targeting.unrulymedia.com	sync.quantumdex.io
5	secure-assets.rubiconproject.com	5 redirects
5	hbx.media.net	5 redirects
5	match.sharethrough.com	sync.quantumdex.io
5	ap.lijit.com	sync.quantumdex.io
5	s.ad.smaato.net	sync.quantumdex.io
5	std.wpcdn.pl	ssp.wp.pl
5	x.bidswitch.net	5 redirects
5	acdn.adnxs.com	get.optad360.io
5	a.vdo.ai	subject.com.ua a.vdo.ai
4	dsum.casalemedia.com	ssum-sec.casalemedia.com
4	pm.w55c.net	4 redirects
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	c1.adform.net	4 redirects
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net subject.com.ua
4	www.googletagservices.com	googleads.g.doubleclick.net 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
4	optad360.mgr.consensu.org	subject.com.ua cmp.optad360.io optad360.mgr.consensu.org
4	cdn.admixer.net	subject.com.ua cdn.admixer.net
4	subject.com.ua	1 redirects subject.com.ua
3	match.prod.bidr.io	ssum-sec.casalemedia.com
3	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
3	sync.go.sonobi.com	3 redirects
3	a-prebid.vidoomy.com
3	match.adsrvr.org	get.optad360.io ssum-sec.casalemedia.com
3	cdnjs.cloudflare.com	s0.2mdn.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net
3	www.googletagmanager.com	subject.com.ua a.vdo.ai www.googletagmanager.com
2	ads.creative-serving.com	2 redirects
2	p.rfihub.com	2 redirects
2	ad.turn.com	2 redirects
2	secure.adnxs.com	2 redirects
2	cm.adgrx.com	ssum-sec.casalemedia.com
2	sync.mathtag.com	2 redirects
2	cm.adform.net	2 redirects
2	pixel-sync.sitescout.com	ssum-sec.casalemedia.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	static.adsafeprotected.com	9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
2	sync.teads.tv	1 redirects 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
2	pixel.rubiconproject.com	1 redirects
2	sync.srv.stackadapt.com	2 redirects
2	image6.pubmatic.com	9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com ads.pubmatic.com
2	fw.adsafeprotected.com	1 redirects subject.com.ua
2	static.criteo.net	get.optad360.io static.criteo.net
2	www.youtube.com	a.vdo.ai www.youtube.com
2	9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.co.uk	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	api.eu.dev2pub.com	tag.eu.dev2pub.com
2	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
2	get.optad360.io	subject.com.ua get.optad360.io
2	cse.google.com	subject.com.ua www.google.com
2	tag.eu.dev2pub.com	subject.com.ua tag.eu.dev2pub.com
1	pixel-us-east.rubiconproject.com	sync.quantumdex.io
1	euexchangesync.digitaleast.mobi	1 redirects
1	csync.loopme.me	ssum-sec.casalemedia.com
1	um.simpli.fi	1 redirects
1	b1sync.zemanta.com	1 redirects
1	dmp.brand-display.com	1 redirects
1	d.adroll.com	ssum-sec.casalemedia.com
1	pixel.quantserve.com	1 redirects
1	sync-tm.everesttech.net	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	a.vidoomy.com
1	inv-nets.admixer.net	1 redirects
1	a.svtrd.com	s0.2mdn.net
1	cs.emxdgt.com	9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
1	sync.inmobi.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	stat.optad360.mgr.consensu.org	cmp.optad360.io
1	targeting.vdo.ai	a.vdo.ai
1	www.google.co.uk	subject.com.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.jsdelivr.net	get.optad360.io
1	clients1.google.com	subject.com.ua
1	www.googleapis.com	subject.com.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cmp.optad360.io	subject.com.ua
471	113

This site contains links to these domains. Also see Links.

Domain
en.optad360.com
lifelib.info
vdo.ai
buki.com.ua
ua.jooble.org
www.zarlit.com
www.ukrlit.net
mypaperwriter.com
assignmentgeek.com
writix.com
nuschool.com.ua
creativecommons.org
www.gnu.org
website-designer-2149.business.site

Subject Issuer	Validity	Valid
subject.com.ua R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tag.eu.dev2pub.com R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-17` - `2023-06-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2022-08-19` - `2023-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
api.eu.dev2pub.com R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
optad360.mgr.consensu.org Amazon	`2022-05-23` - `2023-06-21`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.wp.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-10` - `2023-03-15`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2022-08-26` - `2023-08-05`	a year	crt.sh
www.google.co.uk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
stat.optad360.mgr.consensu.org ZeroSSL RSA Domain Secure Site CA	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
a.svtrd.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.wpcdn.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-13` - `2023-05-15`	a year	crt.sh
s.ad.smaato.net Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh

This page contains 76 frames:

Primary Page: https://subject.com.ua/
Frame ID: D2FFC7A35835FB895F7599B728B50CD0
Requests: 166 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: E36E30AE2CAEAE5488F302CB22D54118
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 0F28BC48577789C08DD44C9D8B0E38E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&adk=1812271804&adf=3025194257&lmt=1664937683&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsubject.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664937683592&bpp=5&bdt=368&idt=139&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=117996481162&frm=20&pv=2&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31069961%2C42531705%2C44769305%2C31068920&oid=2&pvsid=4113382099885249&tmod=550026281&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157
Frame ID: C863AA661295ABAF9EF755B293F8961D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664937683&rafmt=1&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664937683597&bpp=2&bdt=373&idt=157&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=117996481162&frm=20&pv=1&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31069961%2C42531705%2C44769305%2C31068920&oid=2&pvsid=4113382099885249&tmod=550026281&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yi0kGUMoRF&p=https%3A//subject.com.ua&dtd=162
Frame ID: 18F72599494E04C6E932CB6C550AF73B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKe_jgEQ756RARjE6erUATAB&v=APEucNUBMRHHO_9sSCIQ5G4T3qb0I5m6oX1N1qYsBZ9c3VzpIKtQuTplV8sdM6AMDZCBQ7BX-XFAIKKwc01kQ19xgownFhbvZQ
Frame ID: 2DB5A94A58ABA9B1D1C360661C24CA79
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwKwesRKr3JVivxuO4zAg4IEufZMi9_sO1Q1IAq6ULm_QE7wpxguew5zRok8f8la_eaxncu9xa9R-rQ4mBS53_RhvA-g&cry=1&dbm_d=AKAmf-BHUSLZo_S8y2NL1eSNNqjjaW3HZ1MTZ-CMNT8IRkPWN077LQHpxFo-yJLMlCWY9XOIEqG1sBbHkAO89vxpG08g4SVMfZK89-QSuEhfum6kFpcRnYcOGyA9UmqvznPoreKIRRnIDnOn8X80kNFOn23CutsUfJXkkceKJnWkOY9A8cy5d19K9ccU3nJcgq5UkdTXPLforEhAUYRfnqgT13JI5ugGgmAn6jHMb6nIdzarZNAf3MrcdtQmkZMaw5pBa3N_LeLRhx4PNhzLIxBlHlrXqiHKRS2nQApESFvLZLbKrE_ErA5vwiUWN-VrSQZ-lhG7jWGsblXKdIJiWrEG_PqDa_03ZkS5TpJvigxGgfORepVq6bG0dPhRObl99g1iyBxmFYpI1oO416B1HNvoZl6_1Q0SMNcFOtUk8fF6aOJv2_WAhU0KeUUC_AbaShD-EEtkjGlIWv4Ox4UNMFpjmy-JBfTc57pvQv8r8lrKoOkMaSTepSsGb0fR_jnmR38jNMNOveWY9aOIP8aqtdEu0EnVxIIZSt3Wc21F4d5wP0vutlbeRNnc9Z7t__METvmv1BmrCRBnAk3YxlhDbMhec7LDjaXZ5vhv-axrqWiuOfacE60lLVhvXVilZbX-mSTFVfm5joNOg1yfhBXZUHiVoJ-yK6BwGM7DW_Rs7641KPAMKYttmei5tM0fbHudyM7Vh_J0g42RhqNE5oNwdqcoKjyvIoLf3HHClg1jbjIzkXeSfYvb8GlBRl1y6to_tyWLtuoGA24XGbocItb6EwM8uLLJql-XV-QbS97ziEzBU2AHfF0hPfGOslejTREtJgwOQI95jkIMcBl0Fu3MU7LVi3UpMSQweBP8VCNDXtyoUl8_-4tExkehslrdA-Yqa4kwbzASuBwb-BpC1q-6751eDJ91hpicN8F_f2qclwQxWGLql3ApjFQJnm68N22IAxb9OV7bca79OwxwzcVaqFHb2EkoYKcAf09a3dWwNTeNpzJtG2mxRg5GwfX2bojrddakAUBzXMqNWhyuGgN3QDcivP7GIXPlPaEIB8UTxusnRMH3yxosrh5S4j8UT4gCuXQ_Fh0ZQ6HasmH9XP06W72jAsvCv3jeoTb65siXhlIyDbe13Xo-D8OvQmmghYQPuGFB3vZgQf826W9e400S2sPS-upe2mXdHVbESSjRKgdH5d6OU0Hic3_mP4N9W5nt3TBLa6kirSQ58SK_saXlNi9tNR6h4RTp1TqZY8Ju2BZS6wop-55ZzPVOVNvNTTBHZZJqMoo-dwWozvJ4dVDwa-EZETwL1X8CfxIr-Y9gX2VQU9-Pl5F73qKh6KccfGVFJjqlfrpa5HQNiIFduK8ja-HO9DmnATrzlwBHcWwR00GGsQxqFqUEGZOaAP6SAiNgSBc7eEiJK3I4uUTHXlMEBdgRmRHgzfUTeEjuLAnK5FoPbgDiUUi7zFtTdiYUqw_MM63aVa12y4HasfvNP_kxktIGAaDSNnIZrdPiNTJLj3xTATMrTAIXgAmG5FydRb0GqW1DRPAM7UACdEWNMYntmsi8UdWuJ4fUAMiGDLuDiv0LtqFC0kLa6tWHmVt-iEV6pJpefblZ9VrxEwQDF4cpT97PPyfFX3DRUprnm4mfpBt0KGhegath3N4BDjomXjgTuAwo8eWEEGkpG7EuA_VSHXmjGU1pcs6qvOK9wWYuE0ajMCUJxIb881oWJSEMtuN4oZDwEithx-cbJoxGMYOsOt9rXOs_niCwVAYsM8Y7nRwbGSAELNcs7QI_3xtAXQeiDO29y_TnhwD90s-snklKLB9OjFsfbK2tdP2Rp2I-aKybuOc5PH_bRaqJ9frBcoXLbUNEGR9kCewQUGnIcw4O_OS4I8M-gZiBkvhjmyNCi4cKa09xVh18nuUhsZuYb63Ou3jvKyVHdncIDwuF9cSQmhdoszaVBJeJMCPy2-5igJzLwkQTCuW6I8PxNmWvIEgq3ImD_wubssR-nCuRl31xgV0DX16d2eSbN5Ee161SZ0n-7eR9YrobRF-0VaDrw5e8qg2BZwKXtPCcNO22pa1tpBDDv8Cw3jBF2Y2W1hfrDmnToAsriuP1tdnTt4g3ONpn1ZcLFM-TTu7HaytaKEvOAgaORH9EZ8C6S2XeOf3Swyw8l2SPX6YJcm_bkEOUzc76gBTV9O4hSrQtZ-nNaLqHoa-Cv9FaMp5OXXhesEvE3LH-yxWgp8I3_whr8FkVyw6Tk0K5pxbChKZgFLntYnXvcQiWkW5u0Xdi6I75b1apEombg7b9hulPF86ouPgAjn4jSNbTvNl3Sj-gt7VZfZJNYdBXf940UYH0NQu9wDB0TOee3avBkUlhG8SxkxkwXsuRIoS6bAX-PFWu3ojC-95rTY0hgGKVpyFbQ2NyemYUmcl-Pc-aDQvVv6DfNCVn8PhN7vp6zI5tlStBh1D8h43ttaJGuSOzTz7J-Xe0rxFv0T-fmBx4UqtS7sKOSWQGiqW6tgCv9cslkxlWs9Q_BovJonYgx2TTmxHPHaIZ233OJwJV7SFv0gr7DmLAhOO4WsTcgLkZb6u5HbDgS-Ggw38bxHm6gB15B7NMOs12YLlL37F8UXI9s22lgm6t5E3NLDVMbe7BJ84_m7vWU2FyRPH-9HTnNqSmwM2tT7h2ikdob-xr7mGNGvDmre_72C-noKR3acfjzoF4kU9RU2K1LgxX4xSGG3_mowCy0WCnCsOdTMq9Z7XZ4nfhZZwnpq9WBnyISYSVRJtxaqmsmSyqCdUtmtDiS0b_MF6Wo-jdfXinH_5psn8sHoK5nR6lN5WP_0tCAnTc36bd398ygdlSdt2ydS9kbQ-WQkebp_RfLzkvNfgRckxMt9jRZRJPNGt4oIoTl7ic2NXA2Y_HLjOsaFOfaX5ueWH9VCWRFR1A09pKOZ-K-omsZ485JC3LyliVdhwhy2Bd12VpNTxrYKFuD2DzgbTrFlwnBEYryOaf0PRonlbr8YAGKi2WAQbe1gkgsqHCCJkj8x0ocM-wjD96LTCCBdyRQDB5dGwfI9pi5djoGciY8z9cnajNv1CiaqVcbt-txEjPandD4EQlX_3hjgik6uzxyPQplLYZLPA3FQ0sEw01zJ8yPyK120gIDHyp3lFPrtDAm8JJaFxVLpf8vwIto3P8KFQJ-o4jB5PXGR-zNMfUQ4kUMiuAskIGnbf5GMBD9vhISMlSegz7SGFs0Rk6AzzQW99zO6OWPZe9pKeODnN9eddDAh6SjLUKri3wEYgNRFlLipcjnkCYiQWjkLVARsrUWwQUNTNlYVyrpcqzJ3E7ZM1eVvQnDnPr0AOW-jnc-S6_UOP1lZFYPWI0ejy9yzZmmuZdn2g4UmAebWTb2NJVLdH0PRJxXCI&cid=CAQSGwCsnQUxuUvXUbtIVC8dgCgD1DxRQ7QYWaDaYxgBIA4&rfl=2%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Frame ID: DC76D30C0A39350663F4904FECAFFE79
Requests: 12 HTTP requests in this frame

Frame: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F75AF3C63AA91215AA9D37DDBC1CFBB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Frame ID: E9F060DC5BECA3C4269B90AD81D8C6DB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Frame ID: CBB10C2914B21F1EE4C72683D0A6F6D7
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B3AA4C7E13AABFEEDF8B237D2B91C612
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs
Frame ID: 983D0E672C63283DE75363215C44E0BF
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html
Frame ID: 5F4A25C76F41981F647C5B3DF9E150BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BEA765C719C59BCED1EA29BFC2963C52
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: BB7A1C25688BCDBD33E72E7171A1F016
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3475410DF1286599D10709F557E8A20A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Frame ID: DF821927D31CC51D8B77868766F8C813
Requests: 1 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-2.6.0.min.js
Frame ID: 995A5A20D9540BB6D42FD8AE67439757
Requests: 2 HTTP requests in this frame

Frame: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B3B8C01C00DE16F697C50EC40C5F71FF
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvochC1l7MBGLv4ytIBMAE&v=APEucNXACfT-EtqvRjpNrLV5eaWkZE6vo9FwxQHPONwAAP9uHIHrBuk-fDbGGhov7-9NyqgBRB7uPVhx1JHTQ50ecWIijy9dLKec9nx0OOjH6jeRH_QHFin22RMvCb-1hBQgtk5KWgh3iq-4pmCcN6XYnvcO7G8IhzDpVIoKUOIcQZLW84KZSmRuYfTopFcD82qbdPyP11J_-y-JqyAhUyTQK_5MbIHP-g
Frame ID: 1DF8DB7238580FD66E3AF767EC0C7FC4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Frame ID: 9DDBCC32AD3AD6A6E4D994FFA68C307A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs
Frame ID: D44899B9D69E919AFBB33A273CD1358F
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 76D8071DFB29F0F04C3E8D714DF857B9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9AEAAE3DF22DFB84DFA1807D4C19B305
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
Frame ID: 9C99F121DC3A1837E235EF4EEE44E6FB
Requests: 20 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1B520D548873202261E59E27EDB6D107
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57F6A53223C8B699DC83319271DFFECD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F8A1698609659812F209C2F03F580F3
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 83773E4D94F96BC1C98732595DF407FE
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 18CC92C722C6F95D02DF5111B4178442
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EC0B78FCC1A56557E80A0D5D7E59F3EC
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: B10ED9F73BAA370D3E32F9359688CBA0
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1080D424AF6F0BEC6299337D2A4EB8F1
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Frame ID: B39C118A6331BD6EB824BCE28146B69D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: BB743E96F93D182C984B015BA9F3D3FC
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: C0DFF55458EB4DC35E2C9CFF34468926
Requests: 10 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Frame ID: 841C398D80BAECEE93E3DAD8F6C97FF9
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 2951ED31ADBF3C157FB517671051F136
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 66F66F784E0177C14BE376C9663019E5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 04D93CC9F796B818C5DBCBF85A6F035A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664937684073&gdpr=0
Frame ID: E3921DFA9084231660FDA0C1F0E1C4B1
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 2D7D04D3321B7BFDECF2E7A7C077CF2F
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 8F374180852D3049DA5839C19C257CB0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1F90E869BE11C977FE75E4334D91E608
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Frame ID: 2E639C1C1423737D43E65661D5E75187
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: ED4C0A58790348A5BB947BC28A1A5C4C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1D7860C1BCE5D6C27E5FD402D2254BC6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664937684115&gdpr=0
Frame ID: BC3D6D106ABE659E09E10E35C17F3B8B
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Frame ID: 3A827E616837F41EEA971EE588336BE3
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664937684072&gdpr=0
Frame ID: DFAF916964C5D58C02DD563FDBE42D89
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Frame ID: 6561C45962B8A167535DED68E8A7944A
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: B0712E97C1F4F0C73EBF704EEEFB8CB2
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 191F8631459CF57A07301E36644CE801
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 1A7A4F0F68CEBF02123CEC5F5A9B5B70
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 57286647D7A04B633F0C8AAB8AEA5B62
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: E249D2BEA9BA3B6F5E80D644D1064459
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 6C592880E82A4CFA9EAF9BCB44E211CA
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 6747EF8A504AFA2B78E02E646D54F2E6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: BD6D50BF0BE1C5B1EE453F0CE59631B0
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 37EA119D21006407CE08904ECBD3BB39
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 4C445BF7D7010F3CE8524A833E848670
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 809834218B415A48F5539861A33A9453
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: A08AD13BDBEC571F3729C957D5D8B382
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: C99FA626D5AEB6D8C485D2FFD8C9B886
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 873CEE37F49275A1D49FE7A33986CC9F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: B9420EC1E0F89FCF05A0EBD45C52037D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 10B7A083FF053D3ED65EDC70518B158C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: A01786977D858A7093CDBB66A8A76176
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 5A2CE4723753E0B1031E5EBC165F069D
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: ED090D05467932B4E4AC25CE8E46F22C
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 9911D443621C25B4F18E642E33201EF5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: EE6016F48DA600D610A649E951D34D91
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 1974F31BF1249FDAEB7DFE18B1091C5E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 9B0C39D4778C8FC4209C195FA9EBA969
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 2C44699F05C85222EB30FC60DB71DF02
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: F4110B56BA0E9A3C4F2830A41AEE21E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Всі предмети - Великий довідник школярашукати

Page URL History Show full URLs

http://subject.com.ua/ HTTP 301
https://subject.com.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

471
Requests

85 %
HTTPS

38 %
IPv6

72
Domains

113
Subdomains

79
IPs

16
Countries

7078 kB
Transfer

15049 kB
Size

72
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://en.optad360.com/?utm_source=branding&utm_medium=display&utm_campaign=subject.com.ua

Search URL Search Domain Scan URL

URL: https://lifelib.info/
Title: Бібліотека життя

Search URL Search Domain Scan URL

URL: https://vdo.ai/contact?utm_medium=video&utm_term=subject.com.ua&utm_source=vdoai_logo

Search URL Search Domain Scan URL

URL: https://buki.com.ua/ru/tutors/anhliiska-mova/kiev/
Title: Репетитор английского

Search URL Search Domain Scan URL

URL: https://ua.jooble.org/%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0-%D0%B4%D0%BB%D1%8F-%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%BE%D0%B2-%D0%B8-%D1%88%D0%BA%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2
Title: Робота

Search URL Search Domain Scan URL

URL: http://www.zarlit.com/author/index.html
Title: Зарубіжна література

Search URL Search Domain Scan URL

URL: https://www.ukrlit.net/
Title: Українська література

Search URL Search Domain Scan URL

URL: https://mypaperwriter.com/samples/
Title: приклади есе англійською мовою

Search URL Search Domain Scan URL

URL: https://assignmentgeek.com/do-my-homework.html
Title: допомога з домашньою роботою

Search URL Search Domain Scan URL

URL: https://writix.com/assignment-help
Title: Help with assignments by Writix

Search URL Search Domain Scan URL

URL: https://nuschool.com.ua/index.html
Title: Відвідайте наш новий сайт - Матеріали для Нової української школи - планування, розробки уроків, дидактичні та методичні матеріали, підручники та зошити

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by-sa/4.0/deed.uk
Title: Із Зазначенням Авторства — Поширення На Тих Самих Умовах 4.0 Міжнародна (CC BY-SA 4.0)

Search URL Search Domain Scan URL

URL: https://www.gnu.org/licenses/fdl-1.3.html
Title: GNU Free Documentation License (GFDL)

Search URL Search Domain Scan URL

URL: https://website-designer-2149.business.site/
Title: С.Є.А.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://subject.com.ua/ HTTP 301
https://subject.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 199

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 204

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeqmuH7AmquITXDso5VP3g&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeqmuH7AmquITXDso5VP3g&google_cver=1&C=1

Request Chain 219

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yzzu1aYT47lQJRjfv.JKygAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeqmuH7AmquITXDso5VP3g&google_cver=1&google_hm=2

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHNOGPE1OAByH4LGAHryC5Q&google_cver=1

Request Chain 221

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyODc1MzgxNTY1MTgwNjY3Nw%3D%3D

Request Chain 243

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 245

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIhOAXpLFy4NMERqvB9Wt9M&google_cver=1&google_push=AZmPxg9SgzD8IWb7ULZaoGhFdlFWrPohCUljPxbMKW70QZCQT_cQoeXgTR1Hxu5z6QAvyB5BVnuu8VqdXX08dwmTgf_kUI7tCf4 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIhOAXpLFy4NMERqvB9Wt9M&google_cver=1&google_push=AZmPxg9SgzD8IWb7ULZaoGhFdlFWrPohCUljPxbMKW70QZCQT_cQoeXgTR1Hxu5z6QAvyB5BVnuu8VqdXX08dwmTgf_kUI7tCf4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjExNTI3NzUxOTM4ODA1MTk3MQ&google_push=AZmPxg9SgzD8IWb7ULZaoGhFdlFWrPohCUljPxbMKW70QZCQT_cQoeXgTR1Hxu5z6QAvyB5BVnuu8VqdXX08dwmTgf_kUI7tCf4

Request Chain 247

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGz1FzZB4ad7w_0gIhIGLsg&google_cver=1&google_push=AZmPxg8p5Jv7ZomOW3v4JpFuv3Y3lvOMyTNsJrgal2kLegJBB-1JOQF68bkGBJfAbsv6KGsGQ-2CKnlVF4it3lF6laxinqUvl73W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3CysAFAaSP5aeXAtwnTY_tmKxGo&google_push=AZmPxg8p5Jv7ZomOW3v4JpFuv3Y3lvOMyTNsJrgal2kLegJBB-1JOQF68bkGBJfAbsv6KGsGQ-2CKnlVF4it3lF6laxinqUvl73W

Request Chain 248

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsansJVzGHoQqiC67itaXk&google_cver=1&google_push=AZmPxg-OPmH327LD7YRbA9wMwjKc-Yb4FWNaRVvJViY7ovD0URDRkxnyJ7iq-6OefVMVZiMJfwmW2D07nv5igeddvfCsZe1tT-s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWMFdTQ1AtTy1COTEz&google_push=AZmPxg-OPmH327LD7YRbA9wMwjKc-Yb4FWNaRVvJViY7ovD0URDRkxnyJ7iq-6OefVMVZiMJfwmW2D07nv5igeddvfCsZe1tT-s

Request Chain 249

https://sync.inmobi.com/gob?google_gid=CAESEHzExbxZp85GcgH35Ds9XGY&google_cver=1&google_push=AZmPxg-aXtP5v9f6eVRJNhPZcT8W-tHJTsA2AMlj4oi4qm9OGpxlwAClhVwAmzLNv1A7fG6IGFgeyzg9zhoVIEd1qjf13aJY2mzQUg HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg-aXtP5v9f6eVRJNhPZcT8W-tHJTsA2AMlj4oi4qm9OGpxlwAClhVwAmzLNv1A7fG6IGFgeyzg9zhoVIEd1qjf13aJY2mzQUg

Request Chain 251

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEISJv0afAELcqFoUZShd8FY&google_cver=1&google_push=AZmPxg__tLQM25kW4oQpnRQ6FWgs6f2R3iEINMrCbHc2Fb0P8nnDRRQasge3yAMsaRhYxS0tDjbDN-VUOEx9dQrJpi5s-MHiDAol8Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AZmPxg__tLQM25kW4oQpnRQ6FWgs6f2R3iEINMrCbHc2Fb0P8nnDRRQasge3yAMsaRhYxS0tDjbDN-VUOEx9dQrJpi5s-MHiDAol8Q HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 256

https://fw.adsafeprotected.com/rfw/st/1161592/65524591/4.js?ias_dspID=3&ias_campId=1008861293&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=18425129209&bidurl=https://subject.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ih37urENCYgUXPaqqaoIZ6&adContainerId=brand_safety_1e48Y4CyFaGl9u8P89a6oA8&cbFunctionName=goog_wrapCb_1e48Y4CyFaGl9u8P89a6oA8&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fsubject.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:66de48c3-b70f-80ca-79ec-0688792bccd9,c:q8kehh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-56cccd4d78-rpbp5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tjlWR2W+11%7C12%7C13%7C14%7C1511%7C1512%7C16%7C1711%7C1712%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.1161592-65524591%7C1e1%7C1e2%7C1e3%7C1e4%7C1f,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:30,oid:34be17d5-4457-11ed-ab3f-e61c36806f5b,v:19.8.353,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 311

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=gsCkt3xaa1EvU2R3RmlNbzFzdE8xbGY0WFJsdXlHQW1hWlV5UVpkNTJNT1pYcHdRVURsOE04djB2TVVGQ0NoZDJVZ1g5SDBROWhFeS9mNHVyMTh4RmtBeEV4SXhxRTJTWDVqaG1ZN0NNakgwNUlJdEh2TzhEejFmS3NqNU1MakxQaEIvck1Hc0g3Z3FPOVJWVEx0ZVRZa3NVMjF6VE9FVVdWRVdNaEdqaFVQcEEzR0RoQTBodXJ2NUpNZWErTUY4S1BvZHVkcFV3eGJ5S280aTFyT2xaRnNuVVN4RmZFSkQ5Y3pYQlMyTzFFUnZrWWhzPXw&cppv=2

Request Chain 336

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=4528753815651806677

Request Chain 339

https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined HTTP 302
https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined&verify=true HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A&gdpr=0&gdpr_consent=

Request Chain 340

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID HTTP 303
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=6115277519388051971

Request Chain 341

https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dvidoomy%26bsw_param%3D450949e0-01ce-4525-9ca6-0d0fd1816f28%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=6537b1b789914cb1a30239d546f133e8&ssp=vidoomy&bsw_param=450949e0-01ce-4525-9ca6-0d0fd1816f28&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=450949e0-01ce-4525-9ca6-0d0fd1816f28

Request Chain 342

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 303
https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=0&gdpr_consent=&us_privacy=&uid=6115277519388051971

Request Chain 346

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677

Request Chain 347

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5

Request Chain 351

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A

Request Chain 352

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

Request Chain 353

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICDBI4AQ== HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICDBI4AQ%3D%3D&dnr=1 HTTP 302
https://ssp.disqus.com/match?bidder=12&buyeruid=FbYhuRZH6ChTpOTIQRKeRQCD&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICDBI4AQ== HTTP 302
https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICDBI4Ag== HTTP 302
https://ssp.disqus.com/match?bidder=18&buyeruid=e234028c-d462-45d5-9193-e9108400b814&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICDBI4Ag== HTTP 302
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac

Request Chain 355

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677

Request Chain 356

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5

Request Chain 360

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A

Request Chain 361

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

Request Chain 362

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICDBI4AQ== HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICDBI4AQ%3D%3D&dnr=1 HTTP 302
https://ssp.disqus.com/match?bidder=12&buyeruid=FbYhuRZHVgr8OSm2Q3OMubQ5&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICDBI4AQ== HTTP 302
https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICDBI4Ag== HTTP 302
https://ssp.disqus.com/match?bidder=18&buyeruid=e234028c-d462-45d5-9193-e9108400b814&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICDBI4Ag== HTTP 302
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac

Request Chain 364

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5

Request Chain 366

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677

Request Chain 368

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

Request Chain 370

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A

Request Chain 371

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICEgw4AQ== HTTP 302
https://ssp.disqus.com/match?bidder=18&buyeruid=e234028c-d462-45d5-9193-e9108400b814&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICEgw4AQ== HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICEgw4Ag== HTTP 302
https://ssp.disqus.com/match?bidder=12&buyeruid=FbYhuRZHVgr8OSm2Q3OMubQ5&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICEgw4Ag== HTTP 302
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac

Request Chain 374

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

Request Chain 377

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

Request Chain 378

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A

Request Chain 379

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677

Request Chain 381

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5

Request Chain 382

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICBgw4AQ==%26buyeruid%3D HTTP 302
https://ssp.disqus.com/match?bidder=6&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICBgw4AQ==&buyeruid=a9d41556-413f-40b9-bd4b-ac7be2ef6397&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICBgw4Ag== HTTP 302
https://ssp.disqus.com/match?bidder=12&buyeruid=FbYhuRZHVgr8OSm2Q3OMubQ5&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICBgw4Ag== HTTP 302
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac

Request Chain 388

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

Request Chain 395

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

Request Chain 400

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677

Request Chain 401

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5

Request Chain 405

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A

Request Chain 406

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

Request Chain 407

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICBgw4AQ==%26buyeruid%3D HTTP 302
https://ssp.disqus.com/match?bidder=6&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICBgw4AQ==&buyeruid=35ef4243-9065-44f7-885b-cdc1780cb77f&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICBgw4Ag== HTTP 302
https://ssp.disqus.com/match?bidder=12&buyeruid=FbYhuRZHVgr8OSm2Q3OMubQ5&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM2RkZC05ODY4LTA2MTkxOTQ2NGNhYzICBgw4Ag== HTTP 302
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac

Request Chain 410

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

Request Chain 415

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

Request Chain 419

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&dcc=t

Request Chain 420

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1

Request Chain 423

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vDeLtLKg1OFUlF5

Request Chain 424

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2c2d633c-eed7-4500-a154-8b1bfe39030f

Request Chain 426

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6115277519388051971&expiration=1666147287

Request Chain 429

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&dcc=t

Request Chain 430

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1

Request Chain 432

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665024087

Request Chain 433

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4528753815651806677

Request Chain 434

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7944987500643317189

Request Chain 435

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3951633c-eed7-4f00-93d5-281b5eef9388

Request Chain 437

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4528753815651806677

Request Chain 439

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB

Request Chain 441

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PW578W44LKUmOHmqbWtloz1reKcmaXynbTi_p-M6

Request Chain 442

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1

Request Chain 443

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4528753815651806677

Request Chain 444

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7584699530453677509

Request Chain 448

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3CysAFAaSP5aeXAtwnTY_tmKxGo

Request Chain 449

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821885255272

Request Chain 450

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=89c6958b-99c8-27eb-51aa5196

Request Chain 452

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 455

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D397A0B8CA5D4AA2B4FB91211282FE57

Request Chain 457

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1d2a7497-ced4-4858-8aa9-dd40c5227c08

Request Chain 458

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=450949e0-01ce-4525-9ca6-0d0fd1816f28 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=450949e0-01ce-4525-9ca6-0d0fd1816f28 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=e845684e-8f30-48dd-aaa4-339978e3c888&ssp=index&expires=30&user_group=5&bsw_param=450949e0-01ce-4525-9ca6-0d0fd1816f28 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=450949e0-01ce-4525-9ca6-0d0fd1816f28

Request Chain 459

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b8I3xk061OFUlF5

Request Chain 460

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922043984349

Request Chain 461

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6115277519388051971&expiration=1666121649

471 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
subject.com.ua/
Redirect Chain

http://subject.com.ua/
https://subject.com.ua/

11 KB
4 KB

132ms
46ms

Document
text/html

31.131.26.2
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://subject.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: valerym.sv
Software: Apache /
Resource Hash: c138289957b80cb663a620eff0a1604be0142d84f1598f28f81a23b8af28b8c5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, s-maxage=10
Connection: close
Content-Encoding: gzip
Content-Length: 4165
Content-Type: text/html; charset=utf-8
Date: Wed, 05 Oct 2022 02:30:29 GMT
Server: Apache
Vary: Accept-Encoding
X-Mod-Pagespeed: 1.13.35.2-0

Redirect headers

Connection: close
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 05 Oct 2022 02:30:29 GMT
Location: https://subject.com.ua/
Server: Apache

GET
H/1.1 200
OK style.min.css
subject.com.ua/css/ 5 KB
2 KB 125ms
42ms Stylesheet
text/css 31.131.26.2
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://subject.com.ua/css/style.min.css
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: valerym.sv
Software: Apache /
Resource Hash: 707c74e779762b2e450b6959ae22c2c6b0b26079fffe308b6427dcf8347506f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:30:29 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Nov 2021 09:42:02 GMT
Server: Apache
ETag: "15dc-5d1c205107e0e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600
Connection: close
Accept-Ranges: bytes
Content-Length: 1430

GET
H2 200 97672d69-12a2-43ea-9222-362234514ff0.min.js Show response
cmp.optad360.io/items/ 258 KB
73 KB 901ms
456ms Script
application/javascript 2600:9000:20d9:8800:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/97672d69-12a2-43ea-9222-362234514ff0.min.js
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d9:8800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 929275af47fe4f99fa9390db7e8b29f4fe69394bdb77d078ebfa40c1dc931395

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
via: 1.1 eb5c8f6a42034e4582f1e714f130879e.cloudfront.net (CloudFront)
last-modified: Mon, 26 Sep 2022 07:41:42 GMT
server: AmazonS3
x-amz-cf-pop: CPT52-C1
etag: W/"04fed958fc9b1f788ca03d436a411927"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: tmiGHKjeC0Dd8Q9J87MOhaeJvUt33-MinjpRZIKVs12WYoWBM2S0mw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
54 KB 160ms
65ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e86026a4cb833e0adde6f026d92b50038bf8b2c6df67cca005c9332cc957ffa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54625
x-xss-protection: 0
server: cafe
etag: 6283133037192627063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:41:23 GMT

GET
H/1.1 200
OK dev2pub.js Show response
tag.eu.dev2pub.com/ 102 KB
102 KB 271ms
115ms Script
application/javascript 51.91.60.38
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 33797c8ad76837a6437df8b58d028881706fe1d5a851880c24dca125a35ccd04

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:41:23 GMT
Last-Modified: Fri, 16 Sep 2022 15:30:17 GMT
Server: nginx
X-IPLB-Request-ID: D98AC46A:AB8C_335B3C26:01BB_633CEED3_1D9D41B1:ABC6
ETag: "63249689-1969d"
X-IPLB-Instance: 43024
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 104093

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 222ms
85ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1099121-7

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb268e5adfa18f26a50e2e25788834aff3731ed125eeecb96e781ba3709bb601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42365
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 02:41:23 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 184ms
69ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

ffa4eda4e99cbcda33a01691c9fcb8d9648fc36069cf123a2e212b2d6e80e2f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3509
x-xss-protection: 0
expires: Wed, 05 Oct 2022 02:41:23 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/ 269 KB
56 KB 200ms
40ms Script
application/javascript 2600:9000:206f:bc00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:bc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f74114663d3b5268786c812d57e7e9450dd4ebeb7eac1c7d67e6d41278cde75d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:03:01 GMT
content-encoding: gzip
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified: Fri, 30 Sep 2022 12:55:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 164303
etag: W/"6b28a55deae99172c12e6a26b81b943c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-cf-id: J8O6WfRNxKFXDDVEHQ7PRk3TYFJ_whJdvzfVE-12eZV14djE3R1jDg==

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 238ms
58ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:39 GMT
server: nginx
etag: W/"63049f2f-2c101"
x-cached-since: 2022-10-05T02:32:43+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Fri, 09 Sep 2022 06:21:50 GMT

GET
H/1.1 200
OK Roboto.woff2
subject.com.ua/fonts/ 27 KB
28 KB 127ms
43ms Font
font/woff2 31.131.26.2
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://subject.com.ua/fonts/Roboto.woff2
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/css/style.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: valerym.sv
Software: Apache /
Resource Hash: 57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e

Request headers

Referer: https://subject.com.ua/css/style.min.css
Origin: https://subject.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:30:29 GMT
Last-Modified: Wed, 04 Dec 2019 15:02:31 GMT
Server: Apache
ETag: "6d84-598e21a197121"
Content-Type: font/woff2
Cache-Control: s-maxage=10
Connection: close
Accept-Ranges: bytes
Content-Length: 28036

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/subject/ 26 KB
5 KB 285ms
200ms Script
text/javascript 2606:4700:e0::ac40:6903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/subject/vdo.ai.js
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fec7035d8913f1ecd6bd722d1e68a6813913c8f85782c6c8a54ab4338f617eb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vdo-server: Tag2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 04 Oct 2022 22:36:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSYzMFKlDecXJyQfXovcXpOc%2FdeW%2B47u9bzkN5eNwiofcdKLkJS8ko%2Be50BFvkIMzLcssD4WN5Xq%2FvH1%2BhDjRE2zoJbebT09B0Dxb90G8jOMfT39dQVdnbRdb9gUP7%2FaPjxnOogCXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 6151961 1216373
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 7552cc49b929405e-LHR

GET
H2 200 cse_element__uk.js Show response
www.google.com/cse/static/element/f275a300093f201a/ 305 KB
101 KB 138ms
48ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/cse_element__uk.js?usqp=CAM%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5073a2af4e54a5446f976ec70c965f7268502d087441aec6e50939cd05cec2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103675
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 04 Oct 2023 00:36:29 GMT

GET
H2 200 default+uk.css
www.google.com/cse/static/element/f275a300093f201a/ 41 KB
9 KB 131ms
42ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/default+uk.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 04 Oct 2023 00:36:29 GMT

GET
H2 200 espresso.css
www.google.com/cse/static/style/look/v4/ 5 KB
2 KB 130ms
41ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/espresso.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1538
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 05 Oct 2022 02:58:19 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 349 KB
115 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb5c13ef184596e73060f92a5ac9003fc85f0209ccacc93068f3af0884eb0f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117210
x-xss-protection: 0
server: cafe
etag: 17579444768544792085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:41:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame E36E 10 KB
5 KB 141ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 21450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 20:43:53 GMT
etag: 9671129459699598864
expires: Tue, 18 Oct 2022 20:43:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/49044/ Frame 0F28 738 B
519 B 54ms
54ms Document
text/html 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Wed, 05 Oct 2022 02:41:23 GMT
etag: W/"63049f42-2e2"
expires: Wed, 27 Sep 2023 10:04:46 GMT
last-modified: Tue, 23 Aug 2022 09:34:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-09-26T10:04:46+00:00
x-id: cec-up-gc13

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/49044/ 23 KB
8 KB 57ms
56ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:56 GMT
server: nginx
etag: W/"63049f40-5d41"
vary: Accept-Encoding
x-cached-since: 2022-09-26T10:05:14+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 27 Sep 2023 10:05:14 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/49044/ 75 KB
20 KB 61ms
61ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:45 GMT
server: nginx
etag: W/"63049f35-12c39"
vary: Accept-Encoding
x-cached-since: 2022-10-02T13:02:36+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Tue, 03 Oct 2023 13:02:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1099121-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Oct 2022 01:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5126
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 05 Oct 2022 03:15:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 190ms
80ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-40

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eae690d8367bd052f4fa2ef806860ae57d4f89a57bb428c8ec64ba666ceec35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42372
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 02:41:23 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 211ms
102ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=UA-113932176-40&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1099121-7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19007501fee69cec78574e1ffd3a289177a443aac1426382ddf0f2f6f91186a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42386
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 02:41:23 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 304ms
98ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 05 Oct 2022 02:41:23 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive

GET
H3 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv4_latest/ 411 KB
127 KB 77ms
45ms Script
application/javascript 2606:4700:e0::ac40:6903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b80917dd3c481cda5c3990647d97221b064bb9ccb635751cccd163e9e28a3622

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1174
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 28 Sep 2022 14:19:16 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfxqckQIQDMPp1psvOFXdt4Gb4HXF1e7LBGmks0LkwKAH0KzDKKy7SjS7oKPbrN1xF5%2FnOsBQL5tGIctZUkjUkp7hyJOLiWT4sC4Xj6B0ZcO8JQtOZdxAM8V%2FybzUkXnWMaCK1ps9w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
x-varnish: 3670990 3537208
cf-ray: 7552cc4b6a3071c2-LHR
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 380 KB
127 KB 247ms
105ms Script
text/javascript 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf517104f255123ba18c57e1de2f672c0271712d716ff844a26ea8162453b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129563
x-xss-protection: 0
expires: Wed, 05 Oct 2022 02:41:23 GMT

GET
H/1.1 200
OK GetLastCurrenciesRates Show response
api.eu.dev2pub.com/api/public/Dev2Pub/ 424 B
691 B 239ms
72ms XHR
application/json 51.91.60.38
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.eu.dev2pub.com/api/public/Dev2Pub/GetLastCurrenciesRates
Requested by: Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 47aab53d4ee677eddd63804129b8f0b19ad570bdf4e5666dca28688572c9473f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 Oct 2022 02:41:23 GMT
Server: nginx
X-IPLB-Request-ID: D98AC46A:ABB2_335B3C26:01BB_633CEED3_1DAE541B:10DC0
Content-Length: 424
X-IPLB-Instance: 42215
Content-Type: application/json; charset=utf-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
645 B 138ms
49ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=subject.com.ua&callback=_gfp_s_&client=ca-pub-2062463022593482

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88cbe3d9a35ac45111b54a53efeb8dfddbb8001d8fa72b708f9bc54250c0b8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 206ms
77ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 141ms
48ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C863 237 KB
62 KB 396ms
395ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&adk=1812271804&adf=3025194257&lmt=1664937683&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsubject.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664937683592&bpp=5&bdt=368&idt=139&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=117996481162&frm=20&pv=2&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31069961%2C42531705%2C44769305%2C31068920&oid=2&pvsid=4113382099885249&tmod=550026281&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c5105350b5a4112268bcbccde977fb1e344aec1254777febe8eafe085358898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 63575
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:41:24 GMT
expires: Wed, 05 Oct 2022 02:41:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 18F7 17 KB
8 KB 403ms
322ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664937683&rafmt=1&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664937683597&bpp=2&bdt=373&idt=157&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=117996481162&frm=20&pv=1&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31069961%2C42531705%2C44769305%2C31068920&oid=2&pvsid=4113382099885249&tmod=550026281&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yi0kGUMoRF&p=https%3A//subject.com.ua&dtd=162

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5f03f9af37d53ef15548f31b74f9d5c31eae4af35a3263cdf53857cf42ef7e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 8227
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:41:24 GMT
expires: Wed, 05 Oct 2022 02:41:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 167ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b92142f24194405c3e59a17c84dad567c994bfe3e94483ae65a0aa1e25c5a902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27720
x-xss-protection: 0
server: sffe
etag: "1354 / 93 of 1000 / last-modified: 1664921228"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Oct 2022 02:41:23 GMT

GET
H2 200 prebid7.11.1.js Show response
get.optad360.io/sf/ 498 KB
157 KB 44ms
44ms Script
application/javascript 2600:9000:206f:bc00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.11.1.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:bc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 738df72872e3ed1d49b341eea918207efa339548a71f5a1e086eb1ee2d346fa6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:37:56 GMT
content-encoding: gzip
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 05:12:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1753408
etag: W/"7cb55d774e623c3e166bda0a818df497"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: LslbZ7ffkaZZZ2XW6iHzW5LXNTNpDh-fuYtQWwO-r4tsnQOcF9ym6g==

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 131ms
39ms Image
image/svg+xml 99.86.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 01:53:24 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 2881
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: CWqQYUvMNvg7-RaporfWRBqNspcspsSOT0tYvdLgosY1tuxYWb_2Og==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 129ms
46ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1930634461&t=pageview&_s=1&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1363099208&gjid=505059051&cid=289627364.1664937684&tid=UA-1099121-7&_gid=873588498.1664937684&_r=1&gtm=2oua30&z=1964796194

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
52 KB 132ms
50ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/cse_element__uk.js?usqp=CAM%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68bb402c953aa7f8c538b43aeb880d533b34c8fab5b07c4d60a697d0f96a0aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "150694945893035349"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Wed, 05 Oct 2022 02:41:23 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 124ms
41ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/default+uk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/cse/static/element/f275a300093f201a/default+uk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 17:04:14 GMT
x-content-type-options: nosniff
age: 34629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 04 Oct 2023 17:04:14 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
210 B 194ms
54ms Image
text/plain 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
210 B 207ms
53ms Image
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 127ms
34ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221005

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30dc5454f49bd559b31d8c371c030336189637d4de7eea29d60c1fe37d7d027e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 42024
x-jsd-version: 1.0.1483
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-mia11377-MIA
x-jsd-version-type: version
server: cloudflare
etag: W/"66d-kQ4WxmHMp+ygnAsji8TLZciyY5U"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGM%2B2sTcoJPo2a86tnTqZ%2BCnfuF2jcMa%2FPhrLdU973aX208%2BcSZw4s6diw35z1ORQQWl04X9gPUom4iIsRNNl48sNR%2BpSv%2FCK0Ivm5BvBVPqFmzDp66ZZ13fIJFaqKkH7MOdLMQ693vfEGtaQi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7552cc4cff7371c9-LHR

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 150ms
41ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://subject.com.ua
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 248ms
110ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 163ms
44ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

769a1db862b8969c684d69059a131755fdc3ced724534e3c1c1f90d670a7dd8f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:24 GMT
AN-X-Request-Uuid: ab288087-78d9-46a3-b957-8fdffe6f7080
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://subject.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 113ms
34ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Wed, 05 Oct 2022 02:41:23 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://subject.com.ua
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
56 B 219ms
72ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.11.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
uber-trace-id: 0000000000000000ef5f8cca4169ae8a:9a9e9daa5a331ec3:0:0
accept-ch-lifetime: 604800
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
154 B 297ms
126ms XHR
text/plain 18.194.202.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664937683784_bcq1r54n5&w=240&h=400&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=12caf6b713dc35b&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.202.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-202-243.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-expose-headers: X-Vd-C
access-control-allow-credentials: true
server: fasthttp
vary: Origin

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
132 B 220ms
146ms XHR
text/plain 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc4cf95571db-LHR
access-control-allow-methods: POST, GET

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 121ms
45ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=36164526625&lsavail=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 117ms
38ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
408 B 320ms
100ms XHR
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 1 KB
1 KB 293ms
134ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 13ac3d0e38dd3eb2bfad5dddd06c055d25d0501e8174fb83a564b46f9bf90ff7

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1192
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 202ms
77ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 103ms
35ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Wed, 05 Oct 2022 02:41:23 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://subject.com.ua
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 1 KB
1 KB 291ms
136ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 4d61b06a23d14629f85852c804e2a7c55000054e521a98de3ea463f3d4245145

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1192
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 110ms
37ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
57 B 208ms
72ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.11.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
uber-trace-id: 000000000000000058388b32f0c78b55:7803279762338138:0:0
accept-ch-lifetime: 604800
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 110ms
44ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=87118956650&lsavail=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 152ms
47ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

432c4035e3fbb96b4dc65ee483f2a9ea75a8ce99b09a51da0e2fdfbeb095aa3d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:24 GMT
AN-X-Request-Uuid: 42ca84e2-5569-4108-b2b7-95d6afa56c44
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://subject.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
133 B 203ms
139ms XHR
text/plain 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc4cf95671db-LHR
access-control-allow-methods: POST, GET

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
154 B 290ms
131ms XHR
text/plain 18.194.202.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664937683782_7xjl57du0&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=4080ad29d1dad88&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.202.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-202-243.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-expose-headers: X-Vd-C
access-control-allow-credentials: true
server: fasthttp
vary: Origin

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 327ms
116ms XHR
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 132ms
42ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://subject.com.ua
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
264 B 187ms
127ms XHR
text/plain 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc4d095871db-LHR
access-control-allow-methods: POST, GET

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 1 KB
1 KB 300ms
151ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 196fb32aec8fe4a71ae7fcfa3d9914583c69fce25c81d0d5ef58f52f006b403c

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1192
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 168ms
81ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://subject.com.ua
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 108ms
48ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=4668792535&lsavail=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 327ms
120ms XHR
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 201ms
86ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
154 B 291ms
138ms XHR
text/plain 18.194.202.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664937683783_9y26f6o6y&w=970&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=58b44899d28bf17&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.202.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-202-243.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-expose-headers: X-Vd-C
access-control-allow-credentials: true
server: fasthttp
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
169 B 92ms
34ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Wed, 05 Oct 2022 02:41:23 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://subject.com.ua
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 148ms
51ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

26be7aa25eb5523b05ac27e615580710326f526e3033e79b9026bbdc83aba847

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:24 GMT
AN-X-Request-Uuid: d2f7fcca-20a9-4c4e-8460-099d96d708d3
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://subject.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 100ms
37ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
222 B 197ms
71ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.11.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
uber-trace-id: 00000000000000000a4aaa24d6b6d0c2:e7895f9f566f203a:0:0
accept-ch-lifetime: 604800
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
20 B 90ms
35ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Wed, 05 Oct 2022 02:41:23 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://subject.com.ua
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 97ms
37ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 306ms
105ms XHR
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 195ms
85ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
133 B 186ms
135ms XHR
text/plain 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc4d095771db-LHR
access-control-allow-methods: POST, GET

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 137ms
45ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ed9058394445ee5619b3237e6f6ef2d595be99b2dd1bbf3469792177fb7cae57

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:24 GMT
AN-X-Request-Uuid: dad8cbec-eb8a-4d7c-9bd6-c393e09a4a76
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://subject.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 160ms
81ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://subject.com.ua
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 1 KB
1 KB 267ms
129ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 221a98ed72ece7f8b065aa3ea3aec742fe1445d6f56befdaf75f9c5077ff45b4

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1192
expires: 0

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
57 B 191ms
71ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.11.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
uber-trace-id: 000000000000000061c8424494c37219:b82a9f43adad809a:0:0
accept-ch-lifetime: 604800
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 96ms
45ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=49993312149&lsavail=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
155 B 268ms
123ms XHR
text/plain 18.194.202.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664937683781_3ipfggj4w&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=882c35d45d729f6&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.202.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-202-243.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-expose-headers: X-Vd-C
access-control-allow-credentials: true
server: fasthttp
vary: Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
444 B 119ms
45ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1099121-7&cid=289627364.1664937684&jid=1363099208&gjid=505059051&_gid=873588498.1664937684&_u=YAhAAUAAAAAAACAAI~&z=13643936

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Oct 2022 02:41:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022092801.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
128 KB 120ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 21:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130694
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 08:38:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 04 Oct 2023 21:22:22 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 368 B
191 B 132ms
50ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=subject.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf937f22bb4c5f8e827a344e6726fa957c379738a0e9f4d5d35406ebb35d0143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166
x-xss-protection: 0
expires: Wed, 05 Oct 2022 02:41:24 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 55ms
55ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1930634461&t=event&_s=1&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&el=subject&_u=SACAAUABCAAAACAAI~&jid=752336123&gjid=662844720&cid=289627364.1664937684&tid=UA-113932176-40&_gid=873588498.1664937684&_r=1&gtm=2oua30&z=1445569595

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 59ms
57ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1099121-7&cid=289627364.1664937684&jid=1363099208&_u=YAhAAUAAAAAAACAAI~&z=290979615

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 210ms
77ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1099121-7&cid=289627364.1664937684&jid=1363099208&_u=YAhAAUAAAAAAACAAI~&z=290979615

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 19 KB
2 KB 141ms
58ms XHR
application/json 2606:4700:e0::ac40:6903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=subject.com.ua%2F&tag=subject&domain=subject.com.ua
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10b84323b0c18b94cdd8947b85ee672a81332c8861f4bf84b7daa4eddd6afda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g55iCxJAw%2FafPMXvN3hnJTPYeZFw%2FTqJy29707JFQ8k9qqCN9Fi5J7NlMA3wpfB9iRrvOtonHYdmVbvmsZA%2FTnwZT9h8E7BvtHBqLBN2VRZoOtoyuWOcAycyTjAawDw8MQ1xbY4LBTLYf97jZ76W"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: application/json
cf-ray: 7552cc4e5bb775db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1930634461&t=pageview&_s=2&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAUABCAAAACAAI~&jid=&gjid=&cid=289627364.1664937684&tid=UA-113932176-40&_gid=873588498.1664937684&gtm=2oua30&z=1264476396

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 16:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37497
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2DB5 0
20 B 51ms
50ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKe_jgEQ756RARjE6erUATAB&v=APEucNUBMRHHO_9sSCIQ5G4T3qb0I5m6oX1N1qYsBZ9c3VzpIKtQuTplV8sdM6AMDZCBQ7BX-XFAIKKwc01kQ19xgownFhbvZQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664937683&rafmt=1&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664937683597&bpp=2&bdt=373&idt=157&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=117996481162&frm=20&pv=1&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31069961%2C42531705%2C44769305%2C31068920&oid=2&pvsid=4113382099885249&tmod=550026281&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yi0kGUMoRF&p=https%3A//subject.com.ua&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664937683&rafmt=1&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664937683597&bpp=2&bdt=373&idt=157&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=117996481162&frm=20&pv=1&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31069961%2C42531705%2C44769305%2C31068920&oid=2&pvsid=4113382099885249&tmod=550026281&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yi0kGUMoRF&p=https%3A//subject.com.ua&dtd=162
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:41:24 GMT
expires: Wed, 05 Oct 2022 02:41:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DC76 70 KB
32 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwKwesRKr3JVivxuO4zAg4IEufZMi9_sO1Q1IAq6ULm_QE7wpxguew5zRok8f8la_eaxncu9xa9R-rQ4mBS53_RhvA-g&cry=1&dbm_d=AKAmf-BHUSLZo_S8y2NL1eSNNqjjaW3HZ1MTZ-CMNT8IRkPWN077LQHpxFo-yJLMlCWY9XOIEqG1sBbHkAO89vxpG08g4SVMfZK89-QSuEhfum6kFpcRnYcOGyA9UmqvznPoreKIRRnIDnOn8X80kNFOn23CutsUfJXkkceKJnWkOY9A8cy5d19K9ccU3nJcgq5UkdTXPLforEhAUYRfnqgT13JI5ugGgmAn6jHMb6nIdzarZNAf3MrcdtQmkZMaw5pBa3N_LeLRhx4PNhzLIxBlHlrXqiHKRS2nQApESFvLZLbKrE_ErA5vwiUWN-VrSQZ-lhG7jWGsblXKdIJiWrEG_PqDa_03ZkS5TpJvigxGgfORepVq6bG0dPhRObl99g1iyBxmFYpI1oO416B1HNvoZl6_1Q0SMNcFOtUk8fF6aOJv2_WAhU0KeUUC_AbaShD-EEtkjGlIWv4Ox4UNMFpjmy-JBfTc57pvQv8r8lrKoOkMaSTepSsGb0fR_jnmR38jNMNOveWY9aOIP8aqtdEu0EnVxIIZSt3Wc21F4d5wP0vutlbeRNnc9Z7t__METvmv1BmrCRBnAk3YxlhDbMhec7LDjaXZ5vhv-axrqWiuOfacE60lLVhvXVilZbX-mSTFVfm5joNOg1yfhBXZUHiVoJ-yK6BwGM7DW_Rs7641KPAMKYttmei5tM0fbHudyM7Vh_J0g42RhqNE5oNwdqcoKjyvIoLf3HHClg1jbjIzkXeSfYvb8GlBRl1y6to_tyWLtuoGA24XGbocItb6EwM8uLLJql-XV-QbS97ziEzBU2AHfF0hPfGOslejTREtJgwOQI95jkIMcBl0Fu3MU7LVi3UpMSQweBP8VCNDXtyoUl8_-4tExkehslrdA-Yqa4kwbzASuBwb-BpC1q-6751eDJ91hpicN8F_f2qclwQxWGLql3ApjFQJnm68N22IAxb9OV7bca79OwxwzcVaqFHb2EkoYKcAf09a3dWwNTeNpzJtG2mxRg5GwfX2bojrddakAUBzXMqNWhyuGgN3QDcivP7GIXPlPaEIB8UTxusnRMH3yxosrh5S4j8UT4gCuXQ_Fh0ZQ6HasmH9XP06W72jAsvCv3jeoTb65siXhlIyDbe13Xo-D8OvQmmghYQPuGFB3vZgQf826W9e400S2sPS-upe2mXdHVbESSjRKgdH5d6OU0Hic3_mP4N9W5nt3TBLa6kirSQ58SK_saXlNi9tNR6h4RTp1TqZY8Ju2BZS6wop-55ZzPVOVNvNTTBHZZJqMoo-dwWozvJ4dVDwa-EZETwL1X8CfxIr-Y9gX2VQU9-Pl5F73qKh6KccfGVFJjqlfrpa5HQNiIFduK8ja-HO9DmnATrzlwBHcWwR00GGsQxqFqUEGZOaAP6SAiNgSBc7eEiJK3I4uUTHXlMEBdgRmRHgzfUTeEjuLAnK5FoPbgDiUUi7zFtTdiYUqw_MM63aVa12y4HasfvNP_kxktIGAaDSNnIZrdPiNTJLj3xTATMrTAIXgAmG5FydRb0GqW1DRPAM7UACdEWNMYntmsi8UdWuJ4fUAMiGDLuDiv0LtqFC0kLa6tWHmVt-iEV6pJpefblZ9VrxEwQDF4cpT97PPyfFX3DRUprnm4mfpBt0KGhegath3N4BDjomXjgTuAwo8eWEEGkpG7EuA_VSHXmjGU1pcs6qvOK9wWYuE0ajMCUJxIb881oWJSEMtuN4oZDwEithx-cbJoxGMYOsOt9rXOs_niCwVAYsM8Y7nRwbGSAELNcs7QI_3xtAXQeiDO29y_TnhwD90s-snklKLB9OjFsfbK2tdP2Rp2I-aKybuOc5PH_bRaqJ9frBcoXLbUNEGR9kCewQUGnIcw4O_OS4I8M-gZiBkvhjmyNCi4cKa09xVh18nuUhsZuYb63Ou3jvKyVHdncIDwuF9cSQmhdoszaVBJeJMCPy2-5igJzLwkQTCuW6I8PxNmWvIEgq3ImD_wubssR-nCuRl31xgV0DX16d2eSbN5Ee161SZ0n-7eR9YrobRF-0VaDrw5e8qg2BZwKXtPCcNO22pa1tpBDDv8Cw3jBF2Y2W1hfrDmnToAsriuP1tdnTt4g3ONpn1ZcLFM-TTu7HaytaKEvOAgaORH9EZ8C6S2XeOf3Swyw8l2SPX6YJcm_bkEOUzc76gBTV9O4hSrQtZ-nNaLqHoa-Cv9FaMp5OXXhesEvE3LH-yxWgp8I3_whr8FkVyw6Tk0K5pxbChKZgFLntYnXvcQiWkW5u0Xdi6I75b1apEombg7b9hulPF86ouPgAjn4jSNbTvNl3Sj-gt7VZfZJNYdBXf940UYH0NQu9wDB0TOee3avBkUlhG8SxkxkwXsuRIoS6bAX-PFWu3ojC-95rTY0hgGKVpyFbQ2NyemYUmcl-Pc-aDQvVv6DfNCVn8PhN7vp6zI5tlStBh1D8h43ttaJGuSOzTz7J-Xe0rxFv0T-fmBx4UqtS7sKOSWQGiqW6tgCv9cslkxlWs9Q_BovJonYgx2TTmxHPHaIZ233OJwJV7SFv0gr7DmLAhOO4WsTcgLkZb6u5HbDgS-Ggw38bxHm6gB15B7NMOs12YLlL37F8UXI9s22lgm6t5E3NLDVMbe7BJ84_m7vWU2FyRPH-9HTnNqSmwM2tT7h2ikdob-xr7mGNGvDmre_72C-noKR3acfjzoF4kU9RU2K1LgxX4xSGG3_mowCy0WCnCsOdTMq9Z7XZ4nfhZZwnpq9WBnyISYSVRJtxaqmsmSyqCdUtmtDiS0b_MF6Wo-jdfXinH_5psn8sHoK5nR6lN5WP_0tCAnTc36bd398ygdlSdt2ydS9kbQ-WQkebp_RfLzkvNfgRckxMt9jRZRJPNGt4oIoTl7ic2NXA2Y_HLjOsaFOfaX5ueWH9VCWRFR1A09pKOZ-K-omsZ485JC3LyliVdhwhy2Bd12VpNTxrYKFuD2DzgbTrFlwnBEYryOaf0PRonlbr8YAGKi2WAQbe1gkgsqHCCJkj8x0ocM-wjD96LTCCBdyRQDB5dGwfI9pi5djoGciY8z9cnajNv1CiaqVcbt-txEjPandD4EQlX_3hjgik6uzxyPQplLYZLPA3FQ0sEw01zJ8yPyK120gIDHyp3lFPrtDAm8JJaFxVLpf8vwIto3P8KFQJ-o4jB5PXGR-zNMfUQ4kUMiuAskIGnbf5GMBD9vhISMlSegz7SGFs0Rk6AzzQW99zO6OWPZe9pKeODnN9eddDAh6SjLUKri3wEYgNRFlLipcjnkCYiQWjkLVARsrUWwQUNTNlYVyrpcqzJ3E7ZM1eVvQnDnPr0AOW-jnc-S6_UOP1lZFYPWI0ejy9yzZmmuZdn2g4UmAebWTb2NJVLdH0PRJxXCI&cid=CAQSGwCsnQUxuUvXUbtIVC8dgCgD1DxRQ7QYWaDaYxgBIA4&rfl=2%2Chttps%253A%252F%252Fsubject.com.ua%252F%240

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8138dc9074bea1339cfb184e2e8ad474f0caa16edf1be57d33d675b040ad3a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664937683&rafmt=1&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664937683597&bpp=2&bdt=373&idt=157&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=117996481162&frm=20&pv=1&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31069961%2C42531705%2C44769305%2C31068920&oid=2&pvsid=4113382099885249&tmod=550026281&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yi0kGUMoRF&p=https%3A//subject.com.ua&dtd=162
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32976
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame DC76 3 KB
1 KB 133ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 01:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 01:29:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame DC76 17 KB
8 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 02:26:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC76 141 KB
44 KB 182ms
73ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Oct 2022 02:41:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC76 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BiHOWdc-ckG8cIBc5uAneYFW87DEKYphk8AY2W7JQno4yGgmwnpyL4jsKV9nqcbFp7JRDeRO-GBubrSey934XrU8ED6Kn0f4tGKwwcrSa9QR39oBE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 151 KB
54 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fde3097a59907bb2a70cc7ef0d01c194c3c249467e733e67ecb2506a9b2fbef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55048
x-xss-protection: 0
server: cafe
etag: 12444567079855609919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:41:24 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 79ms
78ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 102ms
101ms XHR
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 41ms
41ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f3fe45ab68cefddfbc58b9834d58616a7f890fe18e5ea170a8c626de0048e4d9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:24 GMT
AN-X-Request-Uuid: d0b79ad5-d279-4e15-94db-ae8c58b92574
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://subject.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 37ms
37ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
35 B 135ms
135ms XHR
text/plain 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc4eaa6d71db-LHR
access-control-allow-methods: POST, GET

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 35ms
35ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Wed, 05 Oct 2022 02:41:23 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://subject.com.ua
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
57 B 71ms
70ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.11.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
uber-trace-id: 0000000000000000b0bf4bc4535497a7:9e09c4a4ce4a48b1:0:0
accept-ch-lifetime: 604800
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
154 B 113ms
112ms XHR
text/plain 18.194.202.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664937683783_6o08nmqh8&w=970&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=104a8e99bb6d08ba&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.202.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-202-243.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-expose-headers: X-Vd-C
access-control-allow-credentials: true
server: fasthttp
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 42ms
41ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://subject.com.ua
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 45ms
45ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=46872574365&lsavail=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 1 KB
1 KB 129ms
129ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: a9df1b0abb56a7118f7dd6b8954c23337cfecff5c75b3ba01d119eddcc26c0b1

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1192
expires: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 137ms
54ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 132ms
50ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
12 KB 379ms
379ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4113382099885249&correlator=1395759871211558&eid=31068920&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_W2&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400%7C240x600%7C160x600&ifi=3&adks=368419377&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dd09b4aacdb19ed76-223c6e443ace00ce%3AT%3D1664937683%3ART%3D1664937683%3AS%3DALNI_Mb3DbxA8WX98lNrWh2An4Ds0vtmjw&abxe=1&dt=1664937684277&lmt=1664937684&dlt=1664937683224&idt=1002&adxs=14&adys=1577&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=240x-1&fws=640&ohw=0&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbe421e7d12d9a409cdf4d91c55b98a3edcda4da045998b0f2475a11b9f0494e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11799
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://subject.com.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F75A 6 KB
4 KB 243ms
87ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:41:24 GMT
expires: Thu, 05 Oct 2023 02:41:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 75ms
75ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 42ms
41ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://subject.com.ua
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
35 B 133ms
132ms XHR
text/plain 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc4eea9571db-LHR
access-control-allow-methods: POST, GET

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 121ms
120ms XHR
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
154 B 133ms
132ms XHR
text/plain 18.194.202.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664937683784_tx4b1x775&w=120&h=600&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=120c3d4743ff212&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.202.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-202-243.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-expose-headers: X-Vd-C
access-control-allow-credentials: true
server: fasthttp
vary: Origin

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 1 KB
1 KB 121ms
120ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: 67ab35aae4ea24489827fde4b437092f8b7f73ad8710e51a130992f4bb6fc742

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:24 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1192
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 41ms
41ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

cacb6a524cd599dacba314d7b1ce4744d6e2c986f274efa4eb18aa5b61470c4a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:24 GMT
AN-X-Request-Uuid: d3e8a46a-04b2-4463-9529-9efdaea678cf
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://subject.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 34ms
34ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Wed, 05 Oct 2022 02:41:23 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://subject.com.ua
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 49ms
48ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=34657132784&lsavail=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 37ms
37ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subject.com.ua
date: Wed, 05 Oct 2022 02:41:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
57 B 71ms
70ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.11.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
uber-trace-id: 0000000000000000b8e2553534e93f52:febd3b0752089a00:0:0
accept-ch-lifetime: 604800
access-control-allow-origin: https://subject.com.ua
access-control-allow-credentials: true

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 589ms
589ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4113382099885249&correlator=1395759871211558&eid=31068920&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_am_co_S1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C750x100%7C728x90%7C750x200%7C750x300%7C580x400%7C360x300&ifi=4&adks=2355166839&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dd09b4aacdb19ed76-223c6e443ace00ce%3AT%3D1664937683%3ART%3D1664937683%3AS%3DALNI_Mb3DbxA8WX98lNrWh2An4Ds0vtmjw&abxe=1&dt=1664937684299&lmt=1664937684&dlt=1664937683224&idt=1002&adxs=636&adys=445&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=336x-1&fws=644&ohw=1086&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70cd062b30336435058a6007dc319563270279d287e78143c963f66baf34728b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10007
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 421 B
254 B 807ms
807ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4113382099885249&correlator=1395759871211558&eid=31068920&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_am_co_S2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C750x100%7C728x90%7C750x200%7C750x300%7C580x400%7C360x300&ifi=5&adks=3513837944&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dd09b4aacdb19ed76-223c6e443ace00ce%3AT%3D1664937683%3ART%3D1664937683%3AS%3DALNI_Mb3DbxA8WX98lNrWh2An4Ds0vtmjw&abxe=1&dt=1664937684307&lmt=1664937684&dlt=1664937683224&idt=1002&adxs=636&adys=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=336x-1&fws=644&ohw=1086&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a3890dbee2a2b554232acc9c16075307e15f0ff8f4c11a2ddcc61ba5974802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 98ms
98ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 05 Oct 2022 02:41:24 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive

GET
H3 200 vdo.player.js Show response
a.vdo.ai/core/assets/ 651 KB
180 KB 84ms
84ms Script
application/javascript 2606:4700:e0::ac40:6903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1177
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Jul 2021 13:25:49 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RTbIrOo7GGJ3AHgk96Qvj8mmXpruZ27hbdU8jUEVh2WLl7fVs3%2B18mASRbjtp5spa63B%2Ft9%2FH5t2pGwsGrqLuZwMVewsMrq1iK5O2vgkdWo19VEubUS1h8i8uzToPaHb8otK8GF2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
x-varnish: 3646601 3177675
cf-ray: 7552cc4f4ce971c2-LHR
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 rtb_v6.24.1.js Show response
a.vdo.ai/core/assets/ 450 KB
126 KB 47ms
46ms Script
application/javascript 2606:4700:e0::ac40:6903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f48cb3b87eb20bd424c98e36cf7b228f52239e5b9265ecf20b4f8598407af88d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1170
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 01 Sep 2022 06:21:51 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXEdh%2FmuA3qex4iKkAHabkzfpgfNRCCcGsaW4pjtyMCdUeD2IZB2mJqP%2FRgkXm1Xkx%2Fhk85CIVpuJoTXZol4jccJ3ZVRmtyTo7%2Fp%2Bbjx3fNC8AkAa4GQ7WRPXcLu4ufD89zdHRYNNw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
x-varnish: 3565245 3563988
cf-ray: 7552cc4f4cea71c2-LHR
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1930634461&t=event&_s=3&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=subject&_u=SACAAUABCAAAACgCI~&jid=&gjid=&cid=289627364.1664937684&tid=UA-113932176-40&_gid=873588498.1664937684&gtm=2oua30&z=1378251593

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 16:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37497
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
12 KB 1032ms
1031ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4113382099885249&correlator=1395759871211558&eid=31068920&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C1200x300%7C1000x250%7C1000x300%7C1000x100%7C580x400&ifi=6&adks=2759730245&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dd09b4aacdb19ed76-223c6e443ace00ce%3AT%3D1664937683%3ART%3D1664937683%3AS%3DALNI_Mb3DbxA8WX98lNrWh2An4Ds0vtmjw&abxe=1&dt=1664937684352&lmt=1664937684&dlt=1664937683224&idt=1002&adxs=315&adys=28&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=970x-1&fws=640&ohw=0&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57b3c7f9b070c3fc5c4ab2aab3867a92c523b3185d9eeb53f54a6b5f64933853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12719
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://subject.com.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame DC76 30 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwKwesRKr3JVivxuO4zAg4IEufZMi9_sO1Q1IAq6ULm_QE7wpxguew5zRok8f8la_eaxncu9xa9R-rQ4mBS53_RhvA-g&cry=1&dbm_d=AKAmf-BHUSLZo_S8y2NL1eSNNqjjaW3HZ1MTZ-CMNT8IRkPWN077LQHpxFo-yJLMlCWY9XOIEqG1sBbHkAO89vxpG08g4SVMfZK89-QSuEhfum6kFpcRnYcOGyA9UmqvznPoreKIRRnIDnOn8X80kNFOn23CutsUfJXkkceKJnWkOY9A8cy5d19K9ccU3nJcgq5UkdTXPLforEhAUYRfnqgT13JI5ugGgmAn6jHMb6nIdzarZNAf3MrcdtQmkZMaw5pBa3N_LeLRhx4PNhzLIxBlHlrXqiHKRS2nQApESFvLZLbKrE_ErA5vwiUWN-VrSQZ-lhG7jWGsblXKdIJiWrEG_PqDa_03ZkS5TpJvigxGgfORepVq6bG0dPhRObl99g1iyBxmFYpI1oO416B1HNvoZl6_1Q0SMNcFOtUk8fF6aOJv2_WAhU0KeUUC_AbaShD-EEtkjGlIWv4Ox4UNMFpjmy-JBfTc57pvQv8r8lrKoOkMaSTepSsGb0fR_jnmR38jNMNOveWY9aOIP8aqtdEu0EnVxIIZSt3Wc21F4d5wP0vutlbeRNnc9Z7t__METvmv1BmrCRBnAk3YxlhDbMhec7LDjaXZ5vhv-axrqWiuOfacE60lLVhvXVilZbX-mSTFVfm5joNOg1yfhBXZUHiVoJ-yK6BwGM7DW_Rs7641KPAMKYttmei5tM0fbHudyM7Vh_J0g42RhqNE5oNwdqcoKjyvIoLf3HHClg1jbjIzkXeSfYvb8GlBRl1y6to_tyWLtuoGA24XGbocItb6EwM8uLLJql-XV-QbS97ziEzBU2AHfF0hPfGOslejTREtJgwOQI95jkIMcBl0Fu3MU7LVi3UpMSQweBP8VCNDXtyoUl8_-4tExkehslrdA-Yqa4kwbzASuBwb-BpC1q-6751eDJ91hpicN8F_f2qclwQxWGLql3ApjFQJnm68N22IAxb9OV7bca79OwxwzcVaqFHb2EkoYKcAf09a3dWwNTeNpzJtG2mxRg5GwfX2bojrddakAUBzXMqNWhyuGgN3QDcivP7GIXPlPaEIB8UTxusnRMH3yxosrh5S4j8UT4gCuXQ_Fh0ZQ6HasmH9XP06W72jAsvCv3jeoTb65siXhlIyDbe13Xo-D8OvQmmghYQPuGFB3vZgQf826W9e400S2sPS-upe2mXdHVbESSjRKgdH5d6OU0Hic3_mP4N9W5nt3TBLa6kirSQ58SK_saXlNi9tNR6h4RTp1TqZY8Ju2BZS6wop-55ZzPVOVNvNTTBHZZJqMoo-dwWozvJ4dVDwa-EZETwL1X8CfxIr-Y9gX2VQU9-Pl5F73qKh6KccfGVFJjqlfrpa5HQNiIFduK8ja-HO9DmnATrzlwBHcWwR00GGsQxqFqUEGZOaAP6SAiNgSBc7eEiJK3I4uUTHXlMEBdgRmRHgzfUTeEjuLAnK5FoPbgDiUUi7zFtTdiYUqw_MM63aVa12y4HasfvNP_kxktIGAaDSNnIZrdPiNTJLj3xTATMrTAIXgAmG5FydRb0GqW1DRPAM7UACdEWNMYntmsi8UdWuJ4fUAMiGDLuDiv0LtqFC0kLa6tWHmVt-iEV6pJpefblZ9VrxEwQDF4cpT97PPyfFX3DRUprnm4mfpBt0KGhegath3N4BDjomXjgTuAwo8eWEEGkpG7EuA_VSHXmjGU1pcs6qvOK9wWYuE0ajMCUJxIb881oWJSEMtuN4oZDwEithx-cbJoxGMYOsOt9rXOs_niCwVAYsM8Y7nRwbGSAELNcs7QI_3xtAXQeiDO29y_TnhwD90s-snklKLB9OjFsfbK2tdP2Rp2I-aKybuOc5PH_bRaqJ9frBcoXLbUNEGR9kCewQUGnIcw4O_OS4I8M-gZiBkvhjmyNCi4cKa09xVh18nuUhsZuYb63Ou3jvKyVHdncIDwuF9cSQmhdoszaVBJeJMCPy2-5igJzLwkQTCuW6I8PxNmWvIEgq3ImD_wubssR-nCuRl31xgV0DX16d2eSbN5Ee161SZ0n-7eR9YrobRF-0VaDrw5e8qg2BZwKXtPCcNO22pa1tpBDDv8Cw3jBF2Y2W1hfrDmnToAsriuP1tdnTt4g3ONpn1ZcLFM-TTu7HaytaKEvOAgaORH9EZ8C6S2XeOf3Swyw8l2SPX6YJcm_bkEOUzc76gBTV9O4hSrQtZ-nNaLqHoa-Cv9FaMp5OXXhesEvE3LH-yxWgp8I3_whr8FkVyw6Tk0K5pxbChKZgFLntYnXvcQiWkW5u0Xdi6I75b1apEombg7b9hulPF86ouPgAjn4jSNbTvNl3Sj-gt7VZfZJNYdBXf940UYH0NQu9wDB0TOee3avBkUlhG8SxkxkwXsuRIoS6bAX-PFWu3ojC-95rTY0hgGKVpyFbQ2NyemYUmcl-Pc-aDQvVv6DfNCVn8PhN7vp6zI5tlStBh1D8h43ttaJGuSOzTz7J-Xe0rxFv0T-fmBx4UqtS7sKOSWQGiqW6tgCv9cslkxlWs9Q_BovJonYgx2TTmxHPHaIZ233OJwJV7SFv0gr7DmLAhOO4WsTcgLkZb6u5HbDgS-Ggw38bxHm6gB15B7NMOs12YLlL37F8UXI9s22lgm6t5E3NLDVMbe7BJ84_m7vWU2FyRPH-9HTnNqSmwM2tT7h2ikdob-xr7mGNGvDmre_72C-noKR3acfjzoF4kU9RU2K1LgxX4xSGG3_mowCy0WCnCsOdTMq9Z7XZ4nfhZZwnpq9WBnyISYSVRJtxaqmsmSyqCdUtmtDiS0b_MF6Wo-jdfXinH_5psn8sHoK5nR6lN5WP_0tCAnTc36bd398ygdlSdt2ydS9kbQ-WQkebp_RfLzkvNfgRckxMt9jRZRJPNGt4oIoTl7ic2NXA2Y_HLjOsaFOfaX5ueWH9VCWRFR1A09pKOZ-K-omsZ485JC3LyliVdhwhy2Bd12VpNTxrYKFuD2DzgbTrFlwnBEYryOaf0PRonlbr8YAGKi2WAQbe1gkgsqHCCJkj8x0ocM-wjD96LTCCBdyRQDB5dGwfI9pi5djoGciY8z9cnajNv1CiaqVcbt-txEjPandD4EQlX_3hjgik6uzxyPQplLYZLPA3FQ0sEw01zJ8yPyK120gIDHyp3lFPrtDAm8JJaFxVLpf8vwIto3P8KFQJ-o4jB5PXGR-zNMfUQ4kUMiuAskIGnbf5GMBD9vhISMlSegz7SGFs0Rk6AzzQW99zO6OWPZe9pKeODnN9eddDAh6SjLUKri3wEYgNRFlLipcjnkCYiQWjkLVARsrUWwQUNTNlYVyrpcqzJ3E7ZM1eVvQnDnPr0AOW-jnc-S6_UOP1lZFYPWI0ejy9yzZmmuZdn2g4UmAebWTb2NJVLdH0PRJxXCI&cid=CAQSGwCsnQUxuUvXUbtIVC8dgCgD1DxRQ7QYWaDaYxgBIA4&rfl=2%2Chttps%253A%252F%252Fsubject.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11727
x-xss-protection: 0
server: cafe
etag: 4188671789125589074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 02:40:52 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame DC76 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 02:33:44 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DC76 0
622 B 241ms
98ms Ping
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsRuVwAY1Q6YwBiUNPh8fEmAKqyRsPoO8qLyoaGlltCiz7pICEciZ2t3OK3facCDK8XvNPFwznGHiLtdBjnvxSFb15QL2ucf4qnoUvUGAL2UICHxc0-s3tQaA1FSEYp3Wv81tK4X83xqP_YXkL1JpcjHXrbFVHeD5lMLEavWX-M3ndsfu3TjUp2YJaE9aBm1HbR5lUt95ppBV8Ifj_w6fLkmH1YwHScOgtEn6EWmi5z_PECpzkYTfdd0G2vPg-1qlTYm1GpzLg7MT3uzEJu2SLcBy0px04DSTi2z7mL-PWXrqtCnKtJtitzBVfRm1Fc2WzZp0wSPdKkPghjGTN-vz5-26wu03MS0fYpQmzsljJYvCUqCBlhFvy64Ke7sKUK1-cNjthUyKHRua1nEji9DgDWpchQTKvliBG3yEe5O1zRoDfF3ki7HcxKm38rZ4iv9QlA5jik6J_DCtFvZPV9iAfdg0WKl3rA3wsamP0MgxEpeoLiRCvqmkI2_TptLMtCaZ0mnvriUV1am91v0mM9ODuMxSLlXcb1R30HKf-lsT2QISPBzQA5HwHgsWKyJugE7HjFKVtEgBAmuqla-9Y98JXr2KJbK1mgvB1kVeppkQTljCgmsn4gV5iViBhsqA4XgjydaGCnW2GFGFrCynWxj05q4cnLXQD47vAqWd6U6-hz6NI77DFWzRoEhBsBKDz2OJC1nN2E7657tCj4o6iKi1rrD-3Bjv_sVnWFVv8I8h2WydJ8Oa4i1Q1__5mWyC4kLq-l54aN7H-h9lSrvyhjhUsnXp0l3GVpRQBVjqO-oPXNrgCQqSe-38i2vVRT6kyj0YBOIh3LTU_K3bSC2GbjRuNawU-miU45Et2RZSi8zhFj4eiuE_qEHOcnl22p3_t3qLpOz-_iVhZk2AYmFBvvF0vSDRXE0SrrnBMEniziKYYnxRavEA_IauBiU0ihGXfyl1UCZVBbY_e-NfwNZv5Lwy1DrjhNv7gMEPjpmjYPmfi_3tFd2q4XZCdgkd2E1GkvAxfgCo_dO98TIimZPVIBKy4vKbXkrcBDaepRjLCrORS_zwpLG5aKvW9GHQyn_tRJw2h3NakYe82XkgU9LzH2S9l20fb2K6qOOWyp1dEdPFvPZJI-pjV-rmJftrFfNniwBBr1dWI1IFd4VvUDCcN9b9a03CURPYYs36nfw0Y43oLlPQ&sai=AMfl-YSGAJpVJKzeM40BJXak2-XkFvyd_MERB35nheXgCmk1KSTr1pZKjCgm3zKMFdnZ05p0KBWuaeK9hjZNauZJmpRFyz7mC8aHSNk16pHJA0g-YSwuGwwDjLgn1PEIzWkeCKUkQz9zkuRy2A6EOixozP7cYNDI-X-ZpSRDXuJ4fvXKMmLX04ds0N0&sig=Cg0ArKJSzJBCQNCCDlDfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220928.92489&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Oct 2022 02:41:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DC76 41 KB
15 KB 128ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 21:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 21:11:06 GMT

GET
H2 200 5090529871311736236
s0.2mdn.net/simgad/ Frame DC76 86 KB
87 KB 213ms
55ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5090529871311736236

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14ab80413d386353e8bccb8a68bea36a0178a719cebfa225467c2c6900efcad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:13:57 GMT
x-content-type-options: nosniff
age: 44847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87951
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 14:13:57 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/ Frame E9F0 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 21424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 20:44:20 GMT
etag: 9671129459699598864
expires: Tue, 18 Oct 2022 20:44:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/ Frame CBB1 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 21424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 20:44:20 GMT
etag: 9671129459699598864
expires: Tue, 18 Oct 2022 20:44:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 419 B
254 B 1195ms
1195ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4113382099885249&correlator=1395759871211558&eid=31068920&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_BTF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C1000x250%7C1000x300%7C1000x100%7C580x400&ifi=9&adks=2714139273&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dd09b4aacdb19ed76-223c6e443ace00ce%3AT%3D1664937683%3ART%3D1664937683%3AS%3DALNI_Mb3DbxA8WX98lNrWh2An4Ds0vtmjw&abxe=1&dt=1664937684420&lmt=1664937684&dlt=1664937683224&idt=1002&adxs=315&adys=2425&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=970x-1&fws=640&ohw=0&ga_vid=289627364.1664937684&ga_sid=1664937684&ga_hid=1930634461&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c47c42f581619e9a58e10903a1e2a3c56ffd7b9ab7400dd26d6e91db947f9808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
stat.optad360.mgr.consensu.org/ 20 B
286 B 133ms
42ms XHR
text/html 18.196.233.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.optad360.mgr.consensu.org/
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/97672d69-12a2-43ea-9222-362234514ff0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7f202a0758ec77276e348cf9307981e2909c68070a19d55a9b0af710488f3b02

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 Oct 2022 02:41:24 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame DC76 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d10da2752f8a94bb44f51f1ccf6442d3cf6bda00df3581a6100dc1f56b3b4ff3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame E9F0 4 KB
1 KB 139ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 02:33:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Oct 2022 02:41:24 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E9F0 205 B
294 B 132ms
42ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:15:27 GMT
x-content-type-options: nosniff
age: 1557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Oct 2023 02:15:27 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E9F0 604 B
1 KB 131ms
41ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 00:55:58 GMT
x-content-type-options: nosniff
age: 6326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Oct 2023 00:55:58 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame E9F0 19 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 00:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
server: cafe
etag: 17584738254627026664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 00:16:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CBB1 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnyxT0-48Y-CZMIqUgQeAuoeAAqjWqKZs_OPh1sYQ2MjTutIyEAEgsJ6yA2C7hoCA0AqgAcCMksUDyAECqQIf5bdu1T6zPqgDAcgDyQSqBMYBT9BTRQ_mUMsyk22uybPFjTKKRGY5ZCATC5JsfFlRCUkAqFHCRkWIwrL3Z0C4g-ptEDzhaDF0_m4Pt1I-_RdAVwwVY8O8_1HgYW5hXVjwqTKVuI7XtCc7u7uyeN81YsSW96tz-QZrL-GzzvMAonLyVQCDg46FdP2A0l62ZUDMj844TyfFGhLLUtZIiue2DUwkY0sqOz7OzYQSqiIznwZW2zFZPjXWZce2kN06_G7KLNedve9rtWAyf8lhXExCSszP00AKRUTRwATVy-ylhwSSBQQIBBgBkgUECAUYBKAGAoAHqPPtOqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELOSA9IIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTIwNjI0NjMwMjI1OTM0ODIYAA&sigh=Ts_y5lIeuns&uach_m=[UACH]

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Oct 2022 02:41:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame CBB1 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 01:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9561
x-xss-protection: 0
server: cafe
etag: 483224313611802536
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 01:47:32 GMT

GET
H3 200 10519894915289135961
tpc.googlesyndication.com/daca_images/simgad/ Frame CBB1 22 KB
22 KB 56ms
56ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10519894915289135961

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

712c01bba60a56faafa661222202998100baacaa17ff25cfbf7b05266549e1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 15:25:39 GMT
x-content-type-options: nosniff
age: 126945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22665
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:27:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Oct 2023 15:25:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame CBB1 3 KB
1 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 01:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 01:29:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame CBB1 17 KB
7 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 02:26:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBB1 141 KB
44 KB 138ms
55ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Oct 2022 02:41:24 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame CBB1 32 KB
13 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7871ac93634e56ecbe32dfd0cbd031981277a78b462596fed71c4ebe22c39b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 18:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13616
x-xss-protection: 0
server: cafe
etag: 250533641764032188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:47:29 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
1 KB 74ms
58ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14033d31fcb3a4846ce5dcffacb72f2683dd15c0d756664ba11850b0f4836087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 05 Oct 2022 02:41:24 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1930634461&t=timing&_s=4&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.player.js&utl=subject&utt=228&_u=SACAAUABCAAAACgCI~&jid=&gjid=&cid=289627364.1664937684&tid=UA-113932176-40&_gid=873588498.1664937684&gtm=2oua30&z=2020911742

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 16:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37497
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1930634461&t=timing&_s=5&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_rtb_v6.24.1.js&utl=subject&utt=244&_u=SACAAUABCAAAACgCI~&jid=&gjid=&cid=289627364.1664937684&tid=UA-113932176-40&_gid=873588498.1664937684&gtm=2oua30&z=1221806199

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 16:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37497
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1648810245326246d905ebe51.png
h5.vdo.ai/media_file/subject/source/uploads/thumbnails/ 56 KB
57 KB 409ms
195ms Image
image/png 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/thumbnails/1648810245326246d905ebe51.png
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash: 2b14b918bb31b4672d92b0287ed00c91c74e5d315759da2deb6028b0b4e9f909

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:41:24 GMT
Last-Modified: Fri, 01 Apr 2022 10:50:46 GMT
Server: nginx/1.16.1
ETag: "6246d906-e1af"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57775
Expires: Thu, 05 Oct 2023 02:41:24 GMT

GET
H2 200 en.json Show response
optad360.mgr.consensu.org/cmp/v2/translations/v4/ 4 KB
2 KB 133ms
53ms XHR
application/json 99.86.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/97672d69-12a2-43ea-9222-362234514ff0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 07:59:04 GMT
content-encoding: gzip
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
last-modified: Thu, 29 Oct 2020 12:24:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 67341
etag: W/"e3fe984dfb883f99b54c331403be617b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=360000000
x-amz-cf-id: 4EOMWEVAyRWHpJFCyqD65HzUwsHBFbxJudYAxRBmc3qbCRE8WFTf-Q==

OPTIONS
H/1.1 204
No Content 1648810245326246d905ebe51.m3u8
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 0
0 299ms
99ms Preflight
text/plain 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.m3u8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://subject.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 05 Oct 2022 02:41:24 GMT
Expires: Thu, 05 Oct 2023 02:41:24 GMT
Server: nginx/1.16.1

GET
H/1.1 200
OK 1648810245326246d905ebe51.m3u8 Show response
h5.vdo.ai/media_file/subject/source/uploads/videos/ 48 KB
8 KB 101ms
101ms XHR
application/vnd.apple.mpegurl 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash: 46b759ba547d4f5f9b135f5f1e004b31472f962d3cc3293641e00a7e06c61dcc

Request headers

Referer: https://subject.com.ua/
vdoai: true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:41:25 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Jul 2022 00:37:11 GMT
Server: nginx/1.16.1
ETag: W/"62e47d37-bf80"
Transfer-Encoding: chunked
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Thu, 05 Oct 2023 02:41:25 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B3AA 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 89631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 01:47:33 GMT
expires: Wed, 04 Oct 2023 01:47:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209142312000/ Frame 983D 220 KB
61 KB 158ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Oct 2022 17:07:16 GMT
age: 120848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61591
x-xss-protection: 0
server: sffe
etag: "e54f9754f7fcb5b6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 17:07:16 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 983D 14 KB
5 KB 226ms
109ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Oct 2022 16:26:36 GMT
age: 123288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5187
x-xss-protection: 0
server: sffe
etag: "59737ceedde8bf1d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 16:26:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 983D 94 KB
28 KB 230ms
113ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Oct 2022 01:00:46 GMT
age: 92438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
etag: "e2dd099ef3a2ca02"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Oct 2023 01:00:46 GMT

GET
H2 200 amp-bind-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 983D 40 KB
14 KB 254ms
137ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-bind-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e7e5b6cfd624b3cc2615ac5dd3d3765596070a5f69b331f96dd62c31a75cb0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Sep 2022 23:16:23 GMT
age: 357901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13722
x-xss-protection: 0
server: sffe
etag: "c3f927980a7fc4e6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Sep 2023 23:16:23 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 983D 5 KB
2 KB 246ms
129ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Oct 2022 18:45:39 GMT
age: 114945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
etag: "01e154329648e832"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 18:45:39 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 983D 40 KB
13 KB 247ms
130ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Oct 2022 11:38:41 GMT
age: 140563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "45d7f146b93052d9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 11:38:41 GMT

GET
H3 200 15077051172360023414
tpc.googlesyndication.com/daca_images/simgad/ Frame 983D 31 KB
31 KB 124ms
124ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15077051172360023414?w=360&h=720

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b9c14bb7c8911ce2d5f61b2909ced8fa5b7801396b72265551b57d0485cdb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31582
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 19:03:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Oct 2022 02:41:24 GMT

GET
DATA 200
OK truncated
/ Frame 983D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7d5b86cd2b2314c020e84452aef69bd46e1d01962faa13c441e9d20b05a25f6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 983D 3 KB
3 KB 41ms
40ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 04:10:06 GMT
x-content-type-options: nosniff
server: cafe
age: 81078
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Wed, 05 Oct 2022 04:10:06 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 983D 344 B
370 B 41ms
40ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 81079
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 05 Oct 2022 04:10:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 983D 0
0 48ms
47ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJYmIc5SOCVDmY2gEVjDiuR6TCOIQaCcgfrm2lzZbqG5b-DnAeVxLFUja2Z03wFtQkaxAC_4Upr-KMQ7TWJprEyQHYmg
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 983D 225 B
252 B 41ms
41ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:18:16 GMT
x-content-type-options: nosniff
server: cafe
age: 40988
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Wed, 05 Oct 2022 15:18:16 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 983D 0
0 87ms
86ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaDqR1O48Y62YFbWDx_APoNiKcL_N_e9r0I3PipoQ1dyUpacyEAEgqoDDImC7hoCA0AqgAfCixdcByAEBqQKquKl29sCwPuACAKgDAcgDCKoE8QFP0BDUQX4RXUIZ9tHrjhnq6GtLiBV3i5OjmDe5a8VgsD_zc6qxGA3cf0PQRucSVzYALUpR5hy_NT92Nx3AHVAVok7_jrR3IG-UnCeUWVfSBziEbv2OXlAJ00xffnRMYoOJYlaN1TLbd-i2WdaX9TgthKvqLO3iw6-hPaGncDhQ4X_OC0CtwB2FtAVXEVqkavD7g2E5b8t0VfTNYZn8CgkcA7qCuSh4DlXhTOEykynmlJdcP9fBrIqqUszkghAYqPNpPf5ld5MC82tNTC3oOEgucw_Y2oL490PYVvsQBX16dGGJevHZpmldOCZPBvC-BMKEwATol43PjATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH-Ny6qAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDvWNIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIzgAoDyAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=nstifQcJSQs&uach_m=[UACH]
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
BLOB 200
OK 46263543-535c-46ef-82d0-16f3716b2928
https://subject.com.ua/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://subject.com.ua/46263543-535c-46ef-82d0-16f3716b2928
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 5417
Content-Type: application/javascript

GET
BLOB 200
OK 5b4ecf7f-d0b9-4350-880d-72ef223db152
https://subject.com.ua/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://subject.com.ua/5b4ecf7f-d0b9-4350-880d-72ef223db152
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
BLOB 200
OK 87981a3f-fcc0-45cf-953b-1512b2962f8e
https://subject.com.ua/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://subject.com.ua/87981a3f-fcc0-45cf-953b-1512b2962f8e
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
H3 200 bridge3.536.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5F4A 686 KB
221 KB 162ms
53ms Document
text/html 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ec872d58a5c69122782bdc67523a5483d766169686b83bed86a73d36691ae5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 405484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226455
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 10:03:20 GMT
expires: Sat, 30 Sep 2023 10:03:20 GMT
last-modified: Fri, 30 Sep 2022 09:59:38 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 217ms
107ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Oct 2022 02:41:24 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 100ms
100ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 05 Oct 2022 02:41:24 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive

GET
H3 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
1 KB 36ms
36ms Image
image/svg+xml 2606:4700:e0::ac40:6903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1177
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdSPxNQWay49ofJR1jKZLV2mm0FzRH2t%2FN6L2xnsFR6oqmZpyxhGOqQjtc6uXcgzSM3OQlbSmVOyjenoMkoc4RiERJo1vNegBMY1ZlxJTqMyTbAC7xU1RUFCfCx4QO%2Fot%2BwtN8nv0A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
x-varnish: 3565093 3564005
cf-ray: 7552cc51ae2971c2-LHR
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BEA7 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:15:19 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CBB1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16fd8a3e4afcd021a85b3eed39be5f0f8fd1cfd925e8b49f0c8d1cc658027771

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/374003a5/www-widgetapi.vflset/ 156 KB
51 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/374003a5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deba48eda09297e99d5d687cbd1243855c92ee09312fed2f1fcdade98c405afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:12:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52508
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 00:23:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Oct 2023 02:12:14 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DC76 0
26 B 201ms
91ms Ping
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame BB7A 8 KB
895 B 132ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 02:25:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Oct 2022 02:41:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame BB7A 2 KB
910 B 49ms
49ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 02:10:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame BB7A 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 01:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9561
x-xss-protection: 0
server: cafe
etag: 483224313611802536
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 01:47:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame BB7A 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 01:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 01:29:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame BB7A 17 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 02:26:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB7A 141 KB
44 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Oct 2022 02:41:24 GMT

GET
H3 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame BB7A 32 KB
13 KB 121ms
39ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 11:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 01 Jan 2023 11:54:12 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 104ms
98ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 05 Oct 2022 02:41:24 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 200ms
98ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 05 Oct 2022 02:41:24 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 296ms
100ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 05 Oct 2022 02:41:25 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1930634461&t=event&_s=6&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=subject&_u=SACAAUABCAAAACgCI~&jid=&gjid=&cid=289627364.1664937684&tid=UA-113932176-40&_gid=873588498.1664937684&gtm=2oua30&z=1412912750

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 16:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37497
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1930634461&t=event&_s=7&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=subject&_u=SACAAUABCAAAACgCI~&jid=&gjid=&cid=289627364.1664937684&tid=UA-113932176-40&_gid=873588498.1664937684&gtm=2oua30&z=312158278

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 16:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37497
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin: https://subject.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame B3AA 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 16:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 16:16:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3475 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:15:19 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BEA7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
61ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:41:24 GMT
expires: Wed, 05 Oct 2022 02:41:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:41:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame DF82 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 16:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 16:16:04 GMT

GET
H2 200 cmp-2.6.0.min.js Show response
optad360.mgr.consensu.org/cmp/v2/ Frame 995A 663 KB
181 KB 40ms
40ms Script
application/javascript 99.86.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-2.6.0.min.js
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/97672d69-12a2-43ea-9222-362234514ff0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5ea150b55953103a44a0f723c971706b067dc025841534a7000c4a33daa9f9a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 08:09:07 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Dec 2020 09:14:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 85486
etag: W/"7d38e6fa1ba605a7815a6ce42f70761f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31556926
x-amz-cf-id: CPnTnqWVw5WmN-r9m4JrUI7YlPyo-rOU1KXLROHXv1hgwN43vK-9NQ==

GET
H3 200 container.html Show response
9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B3B8 6 KB
3 KB 164ms
55ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:41:24 GMT
expires: Thu, 05 Oct 2023 02:41:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 213ms
56ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Oct 2022 02:41:25 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3475
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
51ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:41:25 GMT
expires: Wed, 05 Oct 2022 02:41:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:41:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vendor-list.json Show response
optad360.mgr.consensu.org/cmp/v2/ Frame 995A 388 KB
52 KB 50ms
49ms XHR
application/json 99.86.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by: Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-2.6.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a422bcab9f89579f7f2524f7fc2655f869c2a656c24a63f5541eee2c0e3642d4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:10:36 GMT
content-encoding: gzip
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
last-modified: Fri, 30 Sep 2022 01:00:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 74870
etag: W/"10559ff0fe72b588bf0418537f59ba47"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=360000000
x-amz-cf-id: JQ3KG5-vU-jISdXm3scMovqtQYds_n2Bh8m2Q9tcivrcxWitmWxgmQ==

GET
H3 200 ww.mjs Show response
cdn.ampproject.org/rtv/012209142312000/ Frame 983D 45 KB
13 KB 123ms
41ms Fetch
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/ww.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86e7e209a0c04fa610726b9815749c659c97169d47cb2f315fd8c3c7b049d6b3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Oct 2022 16:31:23 GMT
age: 123002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13090
x-xss-protection: 0
server: sffe
etag: "e60c32f06602f0bb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 16:31:23 GMT

GET
H/1.1 206
Partial Content 1648810245326246d905ebe51.ts Show response
h5.vdo.ai/media_file/subject/source/uploads/videos/ 443 KB
444 KB 200ms
200ms XHR
video/mp2t 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash: f2985ff1aa24da33cb50632ba0daed5632c90cd761f6a53c56084988c4ae4cc2

Request headers

Referer: https://subject.com.ua/
vdoai: true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-453831

Response headers

Date: Wed, 05 Oct 2022 02:41:25 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:11 GMT
Server: nginx/1.16.1
ETag: "62e47d37-cce09a8"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 0-453831/214829480
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 453832
Expires: Thu, 05 Oct 2023 02:41:25 GMT

OPTIONS
H/1.1 204
No Content 1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 0
0 100ms
100ms Preflight
text/plain 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://subject.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 05 Oct 2022 02:41:25 GMT
Expires: Thu, 05 Oct 2023 02:41:25 GMT
Server: nginx/1.16.1

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1DF8 624 B
297 B 53ms
52ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvochC1l7MBGLv4ytIBMAE&v=APEucNXACfT-EtqvRjpNrLV5eaWkZE6vo9FwxQHPONwAAP9uHIHrBuk-fDbGGhov7-9NyqgBRB7uPVhx1JHTQ50ecWIijy9dLKec9nx0OOjH6jeRH_QHFin22RMvCb-1hBQgtk5KWgh3iq-4pmCcN6XYnvcO7G8IhzDpVIoKUOIcQZLW84KZSmRuYfTopFcD82qbdPyP11J_-y-JqyAhUyTQK_5MbIHP-g

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:41:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B3B8 97 KB
37 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_lYwbZn7zNZ3fpq-Pg6nmnhJZbJAQcPwA-pefXofT5Peq0cwevpw3MGIcmPD5QtEnOyoU2TTmGEkwt8oE3NdgPGKXb01XcVoTqR7KDJQ7ArHIrDo2qUUXjbwjX5DBtO2iBKaStdXRbyW_mt53StyIE8xLy0EpBLpUyQ7kiDoDkyY8tV4&dbm_d=AKAmf-BBbY9RZauHMp4QSrsyh6nFJ1RxHiz4f-L4kUmq3ZchtmchvrK4Rn2W2Z047ht0O1ERiaqo0LPMxRTVQlKwpw-P9pPtX_9o99uz_CF5g7L2ztnbEAzVCL__XIM_PS6pBH9Rq6z6tVDujVwoX1oDt7ZtU6ozlHrmCXdVpZEb2IMWcnSH8uhckX2RfFdjTQjv4nQX7bXJLnBtq66VKmJ_QBg79V5Tr-MtsrxEhvoJhd8zEVcXHvhCZBmF0Ay4mcLRJjL-JD4cNwYwu9ctXpy53Wd0IX3s3w13y8s52zjq1-yF9g0_HZ-7Ro7esduze-uDxliPu7ZiQfHKBQbJczn2slC5SNYHcvSvX8lfs7knxP8PaRVrFJmdyyQcKu7OeBa23lJgGeu29P7kq89HFJdL0m4fuOltr5vK2FXy5Lu0moKlM--uFQKjyHzkgoUYcE880rCCNT6W8laFzX7npGmszVB7Dg_Wg8Z3NTESAeWCZoe-RspnNsNzoGacqZaxVsBl4E-SVaHqB2jw--0nMVaDtPQzJO7pIztYexnbiqIU6U601t63f9l59vKGrrHKC3iNvsiEm22-G1iun0k5xRm5WyD553_t5sgx4JHApJTyD7HqFVGYupNGN3nYP3Mlt-82f3zISARnavgxnrISPHOE1r_Fe9bzsdS64oj0s3jEpM9ckAR8N4VL_DMscqx4NhOIMeoV2E6z_WpNtLMGE2DIWqLLv1HSlGJG4_DCB1uegBMZopD-OmelUd3iQQKZGlhM8DLvmjM5oZpc2wcgSKbfn5yFDPkHydkj_7cnkO_GWqgV_isgie8B28fCIABjekVzRqslQGZznJdy_edQLg0h_PVNzregWYqBlb8nZ5XzFUPNoTKzV6OTVsn5Ktfc5KMqZcwiPMYM4L_phzDSl4zGbZENlRrLwI-Ycly3yjGflWwC1oDJvfYkYCgT_5AL9DlNna72t57GZLHOyPTwl6Yd7S25qocRyl_CVOWc5JVHPKpvYxxwOXnZiYQy62BA-fqA94kVylBbnEEnzkabfXSAmiwd4KGiqBZsSfDi3xP7k2JM0JTaa4VeR178xCTCwSMBx1jme5PtL5C9bb2RLrzXZN_2TJv_T1hK-XLCuTUkQJ2fyZsiPtWV0jQYXTF3oyKHXOlm2OC7olAiCsPMiApT4WdFmFIGeKEfulXNtCFOiI9xbQ9iBJSXzYk256yWlTR2qE_tZzVBCx4pk4e6uZHM2mY4Htwyx4UjmNYCyqpDPub5WBJmZXEYHd7Xj4CehuDO8gleqq3n2UvoKeglFaNStcM8Y3kVqd06WAjiLKrsQOc6Bb0qAibGh_TS-x9MCoKgmyEUhTQXEWmiqs3W56r4RljsK19vbAZdH8llOf2Z-A7FIIRHdsFXLeV1yno95WqOLA-YAQlS2d29jkzrdv7WLjp4zcUsbPRIP3Uqt5StN9awK3tUMSjk3HZimBaC4AuV4DL7sfDGXj3f4ZmhD2bZSDqEhfbFV0Cqe5H7vWV5xlJC9775w4C2JcQeuRpmGXis4lG4ctCN3sRJAq7o8Dx820pie3oNLh-Iltu9G4Gu4efCkEf-My9oTQUp5S98t-0V61236OXQR3grNu5NVsAPKZbnwmdLArS4NiBs1uH1QcYk9GKZbuL9ggva9uIanJJ85lIp42jp75U_KhGcvJ70iIAdIAnmbVJl_ezbGHrBK0b4Pp6Vtqfp8aXLoCpRzM1ZXeREaLkm-CtN_iJ8dEggrk15Zj6RtfzB2SmbhN0Pal7JbbO6r4rw5UzJ02CB3lWujVWDp_u92S-dcjz76LOLZUoe4FjBKtITFCfs-rUgpS6DwVKF7MEjKWpfXg6YiTQRL1oUbh7ZIV1vVfB0sENlhzkviYQjlID1PlqgfFs_B77moOI14VhPrxpe4081q2ej_hi4ZRC9QhlQJGrmcx4BA7ijLIpAU-UFCrxiOvYUdlMaxirNtBhIfPGpZ1lafYfsBmMIULUP1G7KEXOOppsKEvI7U2ZlOG_Q2VJ8ha36WGtEgnA6g9-irTA6tFHYZxWWXNiTo6c86RWDo0XxRurpOXjkIVCTZcqbhQ02zBZ_bBCzHk9W6ClZOeKGIZBAbng8fHEhl5Tqm_zS3hsdDrn5j0haDoGWCw2UhhbWXqYGjYxKF-smJPLiFIbp-Oq3Z3SwvpXT-GWbU-SSVgr2FXHhd39u7kV0dsad1_uhsM5r3nsvFi5bDSlHa7sAL3m0VUJl0abP4COOD1q8FQ9KGMqiPQbnbL3ca0L8gnWNtFQflkujG5VlFE9naAz7rAGp6Ng4mEUq2Ezzn8-fRKmllRaHWjFLWAvUmInO5ih2-2YbFZMtn42oolhmwNtpH4ErPArR63K4I5eeNqPx6F-DMIOweVdRlvp-DA18yz4kSulxyPw4JzDiDrQSEn01hXAyGNRkqSCcp2VA81-0Vp-5Z_COcADenuID7fMAcw84Jhf5NlmNo70Za0TWH8okdJg28BjwtYKibfNhLi-xV3Ms-06v_dZ6erXIYcU2FOKIxvn1hxZxmvkTaBVArsGg0wpYUOpauxaxZOWV90viGBgAjaTKLFYFcAib-m7XEIe0fAsITtae0Pd2T5k-8yE2Mj1yJO0HYo8WST19q6Zqqq2ifC0xY4pr4dHucJNC38row78qypBfDm675juaxqXKHyZ16xiuueEl9H7snhQ73RRQaoxykZ7H2T6Rkai6amUyK_rbNst7nT1PeHAkzjiUBLm7l1IotFY50_N5jn42FhGNgh-fGgBqsWSNLX93aatP50p0OKX7hMj1lKUuemDn3bQwG6OjJhAKzVYfnrGgvE4lh7WsaHY0GuASAyUY58Qywsu7QcD-H-wlfV-7QDM7EQsBDUV-SfTPurvbqKerfI1MFV2jnOplAJu9iULh7QV8FN5pqHRFAKNpGccWb_L2bbDBj0jiieouufgI2AUIKh6uvIQaq0ZiPD1cjLwJ9y20Dpl67msYvBx515mOAjF3hRkXCdLDJH6hsaSsIumDy-Dbvhpx0yosdFhWnX7igfw2oN4zfHrNII0LI21XzR36Fd-Vc1p9I7QyXtgcrPjHmNKuxCrTzAC17T2aJVnkrPpsN1W5wLCrhT_pJ00xFY9d3spfWSvWv_cMJkpIIjhrFfDUoJ_8F085jB_yUUliLWhb8ggMDabeoQjNic6CRZovNFhH9fqBbe1Uv-HGZnzpIFFQ-FMA_3ASL7nHZRxxHF9agnuHbK00CxdtFbv_bE1dKkgjy4eSUNq6xKUExQysopN1jZRSQFQpOppwqXSCZxCB4yEKRx7PU7QMInbapAJAQVkD1ShOXlDc1Vp6ddVFAewLd3I0XbswWSVWATFweB5Q2s5-XpRBQKp85hUF1CW0jfAn1JF8aZqc5jyBcvTt8n6vvMm_W6m6kAgiGg&cid=CAASJeRozH1oRyGT6MH-Hctzwqy1MzC406HtoaN467W6dDev--QBldQ&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb94b04c35909768cedc613bb533b6f586b2123ae60ab9b5ba46acefeb8d2565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37706
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B3B8 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3RECJ_PV5NVhtjRBcLRUnDEV5F9P7zYYV1gTXR2RHCnGzdF79Gw7hBu51hSWE6LsKevWBVhRZU_UteDKHniKGGgbpWm8U4BNq3i9qJGT9rjna3hk

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame B3B8 3 KB
1 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 01:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 01:29:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame B3B8 17 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 02:26:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B3B8 0
0 49ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBWIAtY3X8bCJ1HlIV1ieAls18V4d0vMKv_ELiE1THjzGEka6TWV-t9hNk2mfr2aMAcORpxmA5d4xw__nboeHRozBhjQ
Requested by: Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B3B8 141 KB
44 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Oct 2022 02:41:25 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 165ms
56ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Oct 2022 02:41:25 GMT

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DDB 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 16:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 16:16:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1DF8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeqmuH7AmquITXDso5VP3g&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeqmuH7AmquITXDso5VP3g&google_cver=1&C=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeqmuH7AmquITXDso5VP3g&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvochC1l7MBGLv4ytIBMAE&v=APEucNXACfT-EtqvRjpNrLV5eaWkZE6vo9FwxQHPONwAAP9uHIHrBuk-fDbGGhov7-9NyqgBRB7uPVhx1JHTQ50ecWIijy9dLKec9nx0OOjH6jeRH_QHFin22RMvCb-1hBQgtk5KWgh3iq-4pmCcN6XYnvcO7G8IhzDpVIoKUOIcQZLW84KZSmRuYfTopFcD82qbdPyP11J_-y-JqyAhUyTQK_5MbIHP-g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEBeqmuH7AmquITXDso5VP3g&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1DF8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yzzu1aYT47lQJRjfv.JKygAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeqmuH7AmquITXDso5VP3g&google_cver=1&google_hm=2

43 B
766 B

40ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeqmuH7AmquITXDso5VP3g&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvochC1l7MBGLv4ytIBMAE&v=APEucNXACfT-EtqvRjpNrLV5eaWkZE6vo9FwxQHPONwAAP9uHIHrBuk-fDbGGhov7-9NyqgBRB7uPVhx1JHTQ50ecWIijy9dLKec9nx0OOjH6jeRH_QHFin22RMvCb-1hBQgtk5KWgh3iq-4pmCcN6XYnvcO7G8IhzDpVIoKUOIcQZLW84KZSmRuYfTopFcD82qbdPyP11J_-y-JqyAhUyTQK_5MbIHP-g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeqmuH7AmquITXDso5VP3g&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1DF8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHNOGPE1OAByH4LGAHryC5Q&google_cver=1

43 B
1020 B

41ms
41ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHNOGPE1OAByH4LGAHryC5Q&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvochC1l7MBGLv4ytIBMAE&v=APEucNXACfT-EtqvRjpNrLV5eaWkZE6vo9FwxQHPONwAAP9uHIHrBuk-fDbGGhov7-9NyqgBRB7uPVhx1JHTQ50ecWIijy9dLKec9nx0OOjH6jeRH_QHFin22RMvCb-1hBQgtk5KWgh3iq-4pmCcN6XYnvcO7G8IhzDpVIoKUOIcQZLW84KZSmRuYfTopFcD82qbdPyP11J_-y-JqyAhUyTQK_5MbIHP-g

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:25 GMT
AN-X-Request-Uuid: f0586b2b-0ae2-4d6f-b571-6124842ecaae
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHNOGPE1OAByH4LGAHryC5Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1DF8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyODc1MzgxNTY1MTgwNjY3Nw%3D%3D

170 B
243 B

70ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyODc1MzgxNTY1MTgwNjY3Nw%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:25 GMT
AN-X-Request-Uuid: 0f05fb96-da16-47a1-9831-cf9d1e7f5663
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyODc1MzgxNTY1MTgwNjY3Nw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209142312000/ Frame D448 220 KB
60 KB 124ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Oct 2022 17:07:16 GMT
age: 120849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61591
x-xss-protection: 0
server: sffe
etag: "e54f9754f7fcb5b6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 17:07:16 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame D448 14 KB
5 KB 186ms
105ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Oct 2022 16:26:36 GMT
age: 123289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5187
x-xss-protection: 0
server: sffe
etag: "59737ceedde8bf1d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 16:26:36 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame D448 94 KB
28 KB 189ms
108ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Oct 2022 01:00:46 GMT
age: 92439
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
etag: "e2dd099ef3a2ca02"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Oct 2023 01:00:46 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame D448 5 KB
2 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Oct 2022 18:45:39 GMT
age: 114946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
etag: "01e154329648e832"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 18:45:39 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209142312000/v0/ Frame D448 40 KB
13 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Oct 2022 11:38:41 GMT
age: 140564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "45d7f146b93052d9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 11:38:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D448 8 KB
895 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 02:27:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Oct 2022 02:41:25 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D448 3 KB
3 KB 41ms
40ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 04:10:06 GMT
x-content-type-options: nosniff
server: cafe
age: 81079
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Wed, 05 Oct 2022 04:10:06 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D448 344 B
374 B 41ms
41ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 81080
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 05 Oct 2022 04:10:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D448 0
0 48ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaScy79ksEtJv1PZJf7ggBgd3dQ0YLPIIgwP1r0ZWTOVfv2XQxm39a8ieuM99f43VsN5O0BMrOW-4lJ8OKG3JeqPM5cn_g
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D448 0
0 86ms
85ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1Ndo1e48Y9HmBcKZgAecob_wD5fTsZ5sr_zz78EL2dkeEAEgqoDDImC7hoCA0AqgAcSMgP8DyAEBqQJ9vD4uujuzPuACAKgDAcgDCqoEgAJP0NOKGRm0yXmKXFLMQz-hHAC4E5skcGoZytWeRLAyXO3yADuWJCc1_LaLnhGBq_apyPYltF5WqmO-4jhVNGtoBPRiC7tJvdVqS7p-D84XN4-PNVM0GsmVwAsT6zx12TWWn9hvv7R9IF8qAoCp9SObAeoBLIjSHBaQPY6vxLz4FEm1g5PDnbVpCQAqBXXfxVDoAG0ckVgU_Rfziaf-otGAoDIbzsg_8aJJx5erwcMIRG7_v4Bx8TCd-gL_jIymtr5Pac9XrM_86MANLJY2itx2JbVYg2chcjXZdP5J5gY5JICvcrmqMrW0OF70M4_FbUTuqlpzGQ3LCUn4rCdh42mhwASQwOTWP-AEAZIFBAgEGAGSBQQIBRgEoAZRgAek83-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDikgLSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTE5MjIyMTc3NjA5NTIyM4AKA8gLAdgTDYgUBdAVAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=51sbK2RAZCE&uach_m=[UACH]
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D448 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cbe879424f30b22910997d88ae388629c55db06f0492e9a0cac747c4989993c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1161592/65524591/ Frame B3B8 236 KB
71 KB 144ms
42ms Script
application/javascript 52.49.50.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1161592/65524591/skeleton.js?ias_dspID=3&ias_campId=1008861293&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=18425129209&bidurl=https://subject.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ih37urENCYgUXPaqqaoIZ6
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.50.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-50-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ed0bb82541de0bfb41e185eae9ceb5703826ad1fe9636d76c2623e30a26088f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B3B8 106 KB
37 KB 163ms
54ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
Origin: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 07:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Oct 2022 07:30:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame B3B8 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_lYwbZn7zNZ3fpq-Pg6nmnhJZbJAQcPwA-pefXofT5Peq0cwevpw3MGIcmPD5QtEnOyoU2TTmGEkwt8oE3NdgPGKXb01XcVoTqR7KDJQ7ArHIrDo2qUUXjbwjX5DBtO2iBKaStdXRbyW_mt53StyIE8xLy0EpBLpUyQ7kiDoDkyY8tV4&dbm_d=AKAmf-BBbY9RZauHMp4QSrsyh6nFJ1RxHiz4f-L4kUmq3ZchtmchvrK4Rn2W2Z047ht0O1ERiaqo0LPMxRTVQlKwpw-P9pPtX_9o99uz_CF5g7L2ztnbEAzVCL__XIM_PS6pBH9Rq6z6tVDujVwoX1oDt7ZtU6ozlHrmCXdVpZEb2IMWcnSH8uhckX2RfFdjTQjv4nQX7bXJLnBtq66VKmJ_QBg79V5Tr-MtsrxEhvoJhd8zEVcXHvhCZBmF0Ay4mcLRJjL-JD4cNwYwu9ctXpy53Wd0IX3s3w13y8s52zjq1-yF9g0_HZ-7Ro7esduze-uDxliPu7ZiQfHKBQbJczn2slC5SNYHcvSvX8lfs7knxP8PaRVrFJmdyyQcKu7OeBa23lJgGeu29P7kq89HFJdL0m4fuOltr5vK2FXy5Lu0moKlM--uFQKjyHzkgoUYcE880rCCNT6W8laFzX7npGmszVB7Dg_Wg8Z3NTESAeWCZoe-RspnNsNzoGacqZaxVsBl4E-SVaHqB2jw--0nMVaDtPQzJO7pIztYexnbiqIU6U601t63f9l59vKGrrHKC3iNvsiEm22-G1iun0k5xRm5WyD553_t5sgx4JHApJTyD7HqFVGYupNGN3nYP3Mlt-82f3zISARnavgxnrISPHOE1r_Fe9bzsdS64oj0s3jEpM9ckAR8N4VL_DMscqx4NhOIMeoV2E6z_WpNtLMGE2DIWqLLv1HSlGJG4_DCB1uegBMZopD-OmelUd3iQQKZGlhM8DLvmjM5oZpc2wcgSKbfn5yFDPkHydkj_7cnkO_GWqgV_isgie8B28fCIABjekVzRqslQGZznJdy_edQLg0h_PVNzregWYqBlb8nZ5XzFUPNoTKzV6OTVsn5Ktfc5KMqZcwiPMYM4L_phzDSl4zGbZENlRrLwI-Ycly3yjGflWwC1oDJvfYkYCgT_5AL9DlNna72t57GZLHOyPTwl6Yd7S25qocRyl_CVOWc5JVHPKpvYxxwOXnZiYQy62BA-fqA94kVylBbnEEnzkabfXSAmiwd4KGiqBZsSfDi3xP7k2JM0JTaa4VeR178xCTCwSMBx1jme5PtL5C9bb2RLrzXZN_2TJv_T1hK-XLCuTUkQJ2fyZsiPtWV0jQYXTF3oyKHXOlm2OC7olAiCsPMiApT4WdFmFIGeKEfulXNtCFOiI9xbQ9iBJSXzYk256yWlTR2qE_tZzVBCx4pk4e6uZHM2mY4Htwyx4UjmNYCyqpDPub5WBJmZXEYHd7Xj4CehuDO8gleqq3n2UvoKeglFaNStcM8Y3kVqd06WAjiLKrsQOc6Bb0qAibGh_TS-x9MCoKgmyEUhTQXEWmiqs3W56r4RljsK19vbAZdH8llOf2Z-A7FIIRHdsFXLeV1yno95WqOLA-YAQlS2d29jkzrdv7WLjp4zcUsbPRIP3Uqt5StN9awK3tUMSjk3HZimBaC4AuV4DL7sfDGXj3f4ZmhD2bZSDqEhfbFV0Cqe5H7vWV5xlJC9775w4C2JcQeuRpmGXis4lG4ctCN3sRJAq7o8Dx820pie3oNLh-Iltu9G4Gu4efCkEf-My9oTQUp5S98t-0V61236OXQR3grNu5NVsAPKZbnwmdLArS4NiBs1uH1QcYk9GKZbuL9ggva9uIanJJ85lIp42jp75U_KhGcvJ70iIAdIAnmbVJl_ezbGHrBK0b4Pp6Vtqfp8aXLoCpRzM1ZXeREaLkm-CtN_iJ8dEggrk15Zj6RtfzB2SmbhN0Pal7JbbO6r4rw5UzJ02CB3lWujVWDp_u92S-dcjz76LOLZUoe4FjBKtITFCfs-rUgpS6DwVKF7MEjKWpfXg6YiTQRL1oUbh7ZIV1vVfB0sENlhzkviYQjlID1PlqgfFs_B77moOI14VhPrxpe4081q2ej_hi4ZRC9QhlQJGrmcx4BA7ijLIpAU-UFCrxiOvYUdlMaxirNtBhIfPGpZ1lafYfsBmMIULUP1G7KEXOOppsKEvI7U2ZlOG_Q2VJ8ha36WGtEgnA6g9-irTA6tFHYZxWWXNiTo6c86RWDo0XxRurpOXjkIVCTZcqbhQ02zBZ_bBCzHk9W6ClZOeKGIZBAbng8fHEhl5Tqm_zS3hsdDrn5j0haDoGWCw2UhhbWXqYGjYxKF-smJPLiFIbp-Oq3Z3SwvpXT-GWbU-SSVgr2FXHhd39u7kV0dsad1_uhsM5r3nsvFi5bDSlHa7sAL3m0VUJl0abP4COOD1q8FQ9KGMqiPQbnbL3ca0L8gnWNtFQflkujG5VlFE9naAz7rAGp6Ng4mEUq2Ezzn8-fRKmllRaHWjFLWAvUmInO5ih2-2YbFZMtn42oolhmwNtpH4ErPArR63K4I5eeNqPx6F-DMIOweVdRlvp-DA18yz4kSulxyPw4JzDiDrQSEn01hXAyGNRkqSCcp2VA81-0Vp-5Z_COcADenuID7fMAcw84Jhf5NlmNo70Za0TWH8okdJg28BjwtYKibfNhLi-xV3Ms-06v_dZ6erXIYcU2FOKIxvn1hxZxmvkTaBVArsGg0wpYUOpauxaxZOWV90viGBgAjaTKLFYFcAib-m7XEIe0fAsITtae0Pd2T5k-8yE2Mj1yJO0HYo8WST19q6Zqqq2ifC0xY4pr4dHucJNC38row78qypBfDm675juaxqXKHyZ16xiuueEl9H7snhQ73RRQaoxykZ7H2T6Rkai6amUyK_rbNst7nT1PeHAkzjiUBLm7l1IotFY50_N5jn42FhGNgh-fGgBqsWSNLX93aatP50p0OKX7hMj1lKUuemDn3bQwG6OjJhAKzVYfnrGgvE4lh7WsaHY0GuASAyUY58Qywsu7QcD-H-wlfV-7QDM7EQsBDUV-SfTPurvbqKerfI1MFV2jnOplAJu9iULh7QV8FN5pqHRFAKNpGccWb_L2bbDBj0jiieouufgI2AUIKh6uvIQaq0ZiPD1cjLwJ9y20Dpl67msYvBx515mOAjF3hRkXCdLDJH6hsaSsIumDy-Dbvhpx0yosdFhWnX7igfw2oN4zfHrNII0LI21XzR36Fd-Vc1p9I7QyXtgcrPjHmNKuxCrTzAC17T2aJVnkrPpsN1W5wLCrhT_pJ00xFY9d3spfWSvWv_cMJkpIIjhrFfDUoJ_8F085jB_yUUliLWhb8ggMDabeoQjNic6CRZovNFhH9fqBbe1Uv-HGZnzpIFFQ-FMA_3ASL7nHZRxxHF9agnuHbK00CxdtFbv_bE1dKkgjy4eSUNq6xKUExQysopN1jZRSQFQpOppwqXSCZxCB4yEKRx7PU7QMInbapAJAQVkD1ShOXlDc1Vp6ddVFAewLd3I0XbswWSVWATFweB5Q2s5-XpRBQKp85hUF1CW0jfAn1JF8aZqc5jyBcvTt8n6vvMm_W6m6kAgiGg&cid=CAASJeRozH1oRyGT6MH-Hctzwqy1MzC406HtoaN467W6dDev--QBldQ&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 02:33:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame B3B8 30 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11727
x-xss-protection: 0
server: cafe
etag: 4188671789125589074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 02:40:52 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D448 28 KB
28 KB 184ms
54ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://subject.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 540203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 20:38:02 GMT

GET
BLOB 200
OK 63c0e8be-7110-4839-9436-f6db48bd9b94
https://subject.com.ua/ Frame 983D 45 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://subject.com.ua/63c0e8be-7110-4839-9436-f6db48bd9b94
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d8e0edea595e2700bee10712435e3d827a0cd8aff499d1a20adcb701adcfde7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 46340
Content-Type: text/javascript

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B3B8 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 21:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 21:11:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 76D8 1 KB
749 B 40ms
40ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 21256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 20:47:09 GMT
etag: 48472445140208031
expires: Wed, 05 Oct 2022 20:47:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B3B8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c132e5244480db3c735c5baa3cac21a8f2ffc1b6c8aa787400c9e3ef0fe069ff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B3AA 0
20 B 78ms
76ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGnJx1O48Y9CQDaDA9u8P8tuy4A8AAAAAOAHgBAI&bg=!-fql-r7NAAYQgTJdMIE7ACkAdvg8Wst3XUB0bMPRyALVMlkh_-kbH3rw2FBtE6AL38p7y4C7VELx7wIAAAJ7UgAAAAJoAQeZAvGze6Wn-niw43MJgTKb-j8KLBefelCGAWEm1hBwhqJRdA3_Hk8kUUwfpXUR3l61JQ5vkqVdUyUWhoMA83QssPcndAhFgdKvo7ahrGSIn42MM7CWkpWJ9rAFcjU30RuyTVBA787j2NPKJxKgfm51hIgEc3J0kTCYZ-2YkrOAquC8n6QlNYbGzCoTeTpQWAZux2BO9Rld_AAW7eX5e_idtsgbUiizRWB-xEKA3hhDX0U-Qta135yinsJR_1VK5PnSiBUyUwvH2YlWugsl378Yss2RGlmMAAKPoIDQ17jtft7PolEoCIwOj2-US2FAq6rI6Fgm3yHHG0eiZcDxGhBsRuV5rPz4lNvk4olAzrbf7oEc1_QMUnCvYplv2QLi9vtAevfSX1KSSGYDKKGTz9bYX1HCFkstETYEBg9eYm-QQ1wP3o0SJZ97UVeucXPDsDOJYb3jrArAI54arOTK_ceuu2-f8KJLPJ2hyefFbT9Wb6rRkm-NLz-sqWtqWUTBzjxeI-323YqWFBowOb3QByvMUXTsNWo21l8MmHQ4CBKUu-djMcn7oYcVlKm-MJpae6rqBMC1OSMBBf8P2BUf6YmLMVTimVpkSjUJMeJEgdhRtx-n3Rdphv7aJaROXAt1s-4dTMsues_mokCPMCCXaLpAVa3MkqeyY9PVA3br5wP2LbsZxBA5F3qGYDwSKQVSjnWYddw8JOyCeNyAGrBxE4GbSUZeYg6eUQYDG3qSUNHQX8iy6zGkQDYYfkGyywyOCXabZS7BvYuWDdpx3VG9VM3GnfZkYFdIiYRkCRiKsUWeAyunKF5_hxC5o3ReTv01TXJ_yjepVidsF26Kss18cVOoskNcrR4ZMaA0fGPtn46Wk2x6038PPW8kGRj-NDH1JrL_hHoqwqBxekthujoItuPun_rvjF3uy7cG_1yKah5RASQkJA99OmOuLMG7gZs3mnvc9dOHvqxPV_AzMAOreYapL-Bep7QdMQyhbhtAlqusKlDMXWE

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D448
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

50ms
49ms

Image
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: subject.com.ua
URL: https://subject.com.ua/
Protocol: H3
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Wed, 05 Oct 2022 02:41:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9AEA 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 89632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 01:47:33 GMT
expires: Wed, 04 Oct 2023 01:47:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76D8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIhOAXpLFy4NMERqvB9Wt9M&google_cver=1&google_push=AZmPxg9SgzD8IWb7ULZaoGhFdlFWrPohCUljPxbMKW70QZCQT_cQoeXgTR1Hxu5z6QAvyB5BVnuu8Vqd...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIhOAXpLFy4NMERqvB9Wt9M&google_cver=1&google_push=AZmPxg9SgzD8IWb7ULZaoGhFdlFWrPohCUljPxbMKW70QZCQT_cQoeXgTR1Hxu5z6QAvyB5BVnu...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjExNTI3NzUxOTM4ODA1MTk3MQ&google_push=AZmPxg9SgzD8IWb7ULZaoGhFdlFWrPohCUljPxbMKW70QZCQT_cQoeXgTR1Hxu5z6QAvyB5BVnuu8V...

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjExNTI3NzUxOTM4ODA1MTk3MQ&google_push=AZmPxg9SgzD8IWb7ULZaoGhFdlFWrPohCUljPxbMKW70QZCQT_cQoeXgTR1Hxu5z6QAvyB5BVnuu8VqdXX08dwmTgf_kUI7tCf4

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjExNTI3NzUxOTM4ODA1MTk3MQ&google_push=AZmPxg9SgzD8IWb7ULZaoGhFdlFWrPohCUljPxbMKW70QZCQT_cQoeXgTR1Hxu5z6QAvyB5BVnuu8VqdXX08dwmTgf_kUI7tCf4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 76D8 0
166 B 140ms
35ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFOn34paHO3auvGUFk75JIA&google_cver=1&google_push=AZmPxg-77-DZag6gABWRcd_hYZZXfkdz44DyVwbWdzmYxoYhK3fGzo-rfOarvmFVTCmd46yZK-E_wxaCtw-skoLYjpJSTQyp0uUX
Requested by: Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 05 Oct 2022 02:41:25 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76D8
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGz1FzZB4ad7w_0gIhIGLsg&google_cver=1&google_push=AZmPxg8p5Jv7ZomOW3v4JpFuv3Y3lvOMyTNsJrgal2kLegJBB-1JOQF68bkGBJfAbsv6KGsGQ-2CKnlVF4it3lF...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3CysAFAaSP5aeXAtwnTY_tmKxGo&google_push=AZmPxg8p5Jv7ZomOW3v4JpFuv3Y3lvOMyTNsJrgal2kLegJBB-1JOQF68bkGBJfAbsv6KGsGQ-2CKnlVF4it3l...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3CysAFAaSP5aeXAtwnTY_tmKxGo&google_push=AZmPxg8p5Jv7ZomOW3v4JpFuv3Y3lvOMyTNsJrgal2kLegJBB-1JOQF68bkGBJfAbsv6KGsGQ-2CKnlVF4it3lF6laxinqUvl73W

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3CysAFAaSP5aeXAtwnTY_tmKxGo&google_push=AZmPxg8p5Jv7ZomOW3v4JpFuv3Y3lvOMyTNsJrgal2kLegJBB-1JOQF68bkGBJfAbsv6KGsGQ-2CKnlVF4it3lF6laxinqUvl73W
Date: Wed, 05 Oct 2022 02:41:26 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76D8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsansJVzGHoQqiC67itaXk&google_cver=1&google_push=AZmPxg-OPmH327LD7YRbA9wMwjKc-Yb4FWNaRVvJViY7ovD0URDRkxnyJ7iq-6OefVMVZiMJfwm...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWMFdTQ1AtTy1COTEz&google_push=AZmPxg-OPmH327LD7YRbA9wMwjKc-Yb4FWNaRVvJViY7ovD0URDRkxnyJ7iq-6OefVMVZiMJfwmW2D07nv5igeddvfCsZe1tT-s

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWMFdTQ1AtTy1COTEz&google_push=AZmPxg-OPmH327LD7YRbA9wMwjKc-Yb4FWNaRVvJViY7ovD0URDRkxnyJ7iq-6OefVMVZiMJfwmW2D07nv5igeddvfCsZe1tT-s

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWMFdTQ1AtTy1COTEz&google_push=AZmPxg-OPmH327LD7YRbA9wMwjKc-Yb4FWNaRVvJViY7ovD0URDRkxnyJ7iq-6OefVMVZiMJfwmW2D07nv5igeddvfCsZe1tT-s
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 76D8
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEHzExbxZp85GcgH35Ds9XGY&google_cver=1&google_push=AZmPxg-aXtP5v9f6eVRJNhPZcT8W-tHJTsA2AMlj4oi4qm9OGpxlwAClhVwAmzLNv1A7fG6IGFgeyzg9zhoVIEd1qjf13aJY2mzQUg
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg-aXtP5v9f6eVRJNhPZcT8W-tHJTsA2AMlj4oi4qm9O...

43 B
1 KB

142ms
42ms

Image
image/gif

141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg-aXtP5v9f6eVRJNhPZcT8W-tHJTsA2AMlj4oi4qm9OGpxlwAClhVwAmzLNv1A7fG6IGFgeyzg9zhoVIEd1qjf13aJY2mzQUg

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 05 Oct 2022 02:41:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Wed, 05 Oct 2022 02:41:25 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg-aXtP5v9f6eVRJNhPZcT8W-tHJTsA2AMlj4oi4qm9OGpxlwAClhVwAmzLNv1A7fG6IGFgeyzg9zhoVIEd1qjf13aJY2mzQUg
x-download-options: noopen
vary: Accept
content-length: 273
x-xss-protection: 0

GET
H2 204 um
cs.emxdgt.com/ Frame 76D8 0
55 B 177ms
40ms Image
text/html 18.158.8.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESELtHprcUlrCKfnWK6GRsZRM&google_cver=1&google_push=AZmPxg8OGrGdlX7imtUJIygsVnAr_uqWYtD8QVFmgm3wKt7ikOblEGWYTOayAdqIgs-Rjftt9HOtLqeoFS8O4J7NEKHcrtTdU2u8
Requested by: Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:25 GMT
content-length: 0
content-type: text/html

GET
H2

200

report
sync.teads.tv/um/ Frame 76D8
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEISJv0afAELcqFoUZShd8FY&google_cver=1&google_p...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AZmPxg__tLQM25kW4oQpnRQ6FWgs6f2R3iEINMrCbHc2Fb0P8nnDRRQasge3yAMsaRhYxS0tDjbDN-VUOEx9dQrJpi5s-MHiDAol8Q
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

69ms
69ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 05 Oct 2022 02:41:26 GMT
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 76D8 0
12 B 133ms
48ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13InJQRkEOSk_0qioIHljK8U9nmB23hqNnSZnLwzIhIpvH2a_IS6zNiu_l3ezh3xA9avHxhZoaik

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 impressionTrackerAMEXIABTCF20.js Show response
a.svtrd.com/media/s/1395/1/ Frame B3B8 2 KB
2 KB 162ms
43ms Script
application/javascript 108.138.7.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.svtrd.com/media/s/1395/1/impressionTrackerAMEXIABTCF20.js?adId=536802144&campaignId=28503224&creativeId=28503224&placementId=28503224&renderingId=28503224&siteId=8176390&implicit=false

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-31.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bbdcb7c7165013bf5260e2d3892d69cb0e17fb33b957ee32d6e2394882d4ce78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: zxQzZtC_FgKuZbvM8VvP2p.c9hdPxypX
content-encoding: gzip
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date: Tue, 04 Oct 2022 20:02:52 GMT
last-modified: Mon, 19 Oct 2020 14:10:04 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P6
age: 25055
x-amz-server-side-encryption: AES256
etag: W/"a0959ecd60b82e569593042a7c7b095e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3UqTYiQFNR6PvH4c0exipS3vgfcNqnQnttraGaO0JOnYah6Q0OfN9g==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/ Frame 9C99 5 KB
2 KB 55ms
54ms Document
text/html 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42a8e70d930c8aca22ff9588526f79001a7fc7d51e60d1a35d9d03441898db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 513485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1636
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 04:03:20 GMT
expires: Fri, 29 Sep 2023 04:03:20 GMT
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B3B8 0
27 B 101ms
101ms Ping
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstoVIiYClL9lzjJVSXU9L8zQv1QRMMFtAi7Jwmtnd1vOJ1irCMpN8S9WSExW6n9yVtpBPv5te-E5rmyZXCL6BuD93RzUfRCDxGfmub8SGvuQMDVmKXqpggo0aQDjekJoz8x25u37dRq7U7vXzmO6dvo1cX8W8MKZmjzaJfvSwSfGyoJmUTxMZ2aaJVw_PCWy0XLxZcXwVUX3kZGr5GsfwBB9npSgD9TWpae_Zo5rhKQXbgs6kSyu6VaYReYHDwMHYKoe8oAfqE-s2devFtU8pTOEoLZdIx76EFYCun955ZPdte9oIcnB3rOQV-AbDZt01h0UmkTSY4_cih0ynnJ9AGyA7MmtbIm88rVktJnMUg0Jy5Tq0hyoWHHHMtZbHbTL0trkcdUt7NobbSXf49xBpB9-QdG-D8fhByQi0Bu9O0tHSYUtIFhO2SH4SL_Y6LY14z8GO6Q3tDXxuIuCZfdZ_s7OS6jp3-FxUtX_JsbPVayhyltKsj-bia1r0mGI4zayC-s2AtT96NSvQmFLnazLH67TG1p7lLR1fyxM7Mxb60ct1Ps0a3FUI9nx7ac_8LUa8jkLzysFIZi2Tsm2EYntbr8jFVOPl4z0H9HcGMw3egsXd9wt5fsoKebY-iqHYutzt8ISvPeyB_RadnySCmuvtXpPbPuR4JCLASXeln5zKwGXczV8Fzy1K87Aw8JbjJ6xv8BIq2T9Oq-W2TMUsEHfWgS5wdvJcQnNipJG_9ibiov7ys8l2LBQm19CVrtjILO2HEK1xhqboY-YQZ7HGwdZJi4SA77G2uU7dnd3bApP8ArPJAFVR2LiEFRuLmfIo_YlznANq1tdKJC39ycTpVApCXdHyWI8HhBl0nMbL64v1UJfmL-p7MfNbWDWTvIkGRgcfLdRJPNj8lkAEx9eulzdguyZegRj8uXioyqHymFPxh4JGsTStPglh1k-IPXuRh9TPTjvK760Fcrg5Xk1XsegBVAZqkiudEhpf3y7701AcSYAglMgvUPlFnLyjxnP0ILVz87MhHDwGMqoDN4PDdJCXSzO-FVkGQwqUlvmXmgKgUxTdOni81-qed21RVXeuyny0isO9NwfDypVhxBWHNMR_Im9u_RTlAGPNimnCwLzTX6atgpb9h8tUkcqscNFm4nSo1FVz3SlhmlPioJLjeiHHeG1Oi2D6OegHs9iLej5pUo8Ti0n5H1jlayJVyDlheOkxL9pFM4vby6MABGjZZXl3Qe9PmYXAX_PFKTj_Go5VG7H5eLA8ywphTz4Pt8pACJV4gVm06s8kDLhvl6sizA4pMhTME8KGTd&sai=AMfl-YRKLHG9hh8GuwCyrSgVZmY_UguBJA_RTRbQ3wGXXfTDNRq-vP2taM1d59FhsMCnOzsnIxu9IQSq9LJw-8y139s-pmxwK4WWX8sjMpGNydyqYJhDlP-nuWG5-P8uxQKUu_w_LiNF4SRpifPzPie-IhvxNQsXAzfV8Zy_sQ1gTZxhm2g47g5fIIhyJ5uZPF0IFz-70eMpscy5zTIg7zPTOoWlg2k&sig=Cg0ArKJSzM-2R912UUV4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=234&cbvp=1&cstd=231&cisv=r20220928.53833&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Oct 2022 02:41:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame B3B8
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1161592/65524591/4.js?ias_dspID=3&ias_campId=1008861293&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=18425129209&bidurl=https://subject.com.ua/&...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

120ms
50ms

Script
application/javascript

2600:9000:214f:6800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:6800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:56:46 GMT
x-amz-version-id: FZXkP2_aO3OI8QUwDnwZYsLhWrQ7RnFM
content-encoding: gzip
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 557080
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 28 Sep 2022 15:56:39 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: jJ5aX6ikE_mXjmL9T_vVJj7yBPF-LzPY0AzMSO_q5OMFIB7I_WDvKQ==

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 1B52 91 KB
23 KB 154ms
45ms Script
application/javascript 2600:9000:214f:6800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1163109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Y8sb1eXcB0Y_eeErn6vQEu3QPG7twC3Je07_xbYLNjgmo7eQR44Vpw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B3B8 43 B
215 B 398ms
105ms Image
image/gif 2600:1f18:1aca:4280:e955:3e30:9d62:70ae
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1161592&asId=66de48c3-b70f-80ca-79ec-0688792bccd9&tv=%7Bc:q8kehT,pingTime:-3,time:67,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:67,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tjlWR2W+11%7C12%7C13%7C14%7C1511%7C1512%7C16%7C1711%7C1712%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.1161592-65524591%7C1e1%7C1e2%7C1e3%7C1e4%7C1f,idMap:1e*,rmeas:1,rend:0,renddet:DIV,siq:31%7D&br=c
Requested by: Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e955:3e30:9d62:70ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B3B8 43 B
215 B 395ms
105ms Image
image/gif 2600:1f18:1aca:4280:e955:3e30:9d62:70ae
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1161592&asId=66de48c3-b70f-80ca-79ec-0688792bccd9&tv=%7Bc:q8kehW,pingTime:-6,time:70,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:70,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tjlWR2W+11%7C12%7C13%7C14%7C1511%7C1512%7C16%7C1711%7C1712%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.1161592-65524591%7C1e1%7C1e2%7C1e3%7C1e4%7C1f,idMap:1e*,rmeas:1,rend:0,renddet:DIV,siq:31%7D&tpiLookup=ao:subject.com.ua*&br=c
Requested by: Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e955:3e30:9d62:70ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/styles/ Frame 9C99 2 KB
808 B 55ms
55ms Stylesheet
text/css 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/styles/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c8d2cc221904ee2917b4817f523ad33e2113e14b7fb35251f0f01881c1b4f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 04:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 779
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Sep 2023 04:59:13 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/ Frame 9C99 27 KB
9 KB 100ms
35ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/TweenLite.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc6f6eef6a5856aeb3a6bd1e3e5d46c4c08e50d749d8c044f120f10bc2d63cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1323533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8823
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-6bb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44RQwBGH5lEEO8Q%2F1ARvnueQNQ0Yz1yH9g9gsxEKSwhpOVKEk7GaUuLr79TJnz4FwlP7phtTaaYYFqQnHho2CE6g%2BTm8GDNBGyEC9hRp3sxcNyajgjgNx0SSu8n7ZSL3JJYYXN8kkVaDeAeyeQ53XW8U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7552cc58d9340676-LHR
expires: Mon, 25 Sep 2023 02:41:25 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/easing/ Frame 9C99 5 KB
2 KB 100ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/easing/EasePack.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b28ed0d85790996c5ba8b672133fdd131e72085d657da84842aaedfa049aa7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7028334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1807
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-155b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOgboI63Lij49t3FNoZENEGd0%2Bq9UqhXC6sPu0fnxdH2zvgmpWUR9L%2BfTQ4rwr40cdSL4eiQajo7KirIQ1EBSjG4AAw7Blxi4M5LM1GhWthw%2Fn2pjM3dMMAjMC50GpKSn6L7IDXvZbgaX4inB6303EDu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7552cc58d9350676-LHR
expires: Mon, 25 Sep 2023 02:41:25 GMT

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/plugins/ Frame 9C99 40 KB
14 KB 101ms
37ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/plugins/CSSPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ece61e45e94bcb16969dc25b12dd94cc0c4ef9a968bd524b36d1388141cb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1051271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14328
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-a170"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBJg75nxjo4ObrckKBbTz%2FAE0ylCNR7wBeLwoA%2BwRPlmoXOUVdu%2FOjCn1NXO9nmYw%2F06KZo4PP2Bt1Cqb5dGz8qjrz5QhYvUGpsrR%2FcvpjjVE3btUp7Lc%2Figi285LAj2flu1C39CGdFMMx57h3%2FcaJ0P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7552cc58d9380676-LHR
expires: Mon, 25 Sep 2023 02:41:25 GMT

GET
H3 200 background_x2.jpg
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 20 KB
20 KB 55ms
55ms Image
image/jpeg 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/background_x2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d283ab57d5ac79dd34909ecc3b74e95c2e5b67285b242068dbbf01c0f3ac3c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 04:59:13 GMT
x-content-type-options: nosniff
age: 423732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20292
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Sep 2023 04:59:13 GMT

GET
H3 200 card_x2.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 14 KB
14 KB 64ms
63ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/card_x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c79cd290399a7bd1e8c5b648fa05415697a5926812095edefc6cadd64049dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 17:59:35 GMT
x-content-type-options: nosniff
age: 463310
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14015
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 17:59:35 GMT

GET
H3 200 amexLogo_x2.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 2 KB
2 KB 82ms
78ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/amexLogo_x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccebfd0fa35dbfb74ebcd21e96b9a6e525798f7720bb2d1bd8671fc081faec92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 17:59:35 GMT
x-content-type-options: nosniff
age: 463310
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 17:59:35 GMT

GET
H3 200 baLogo_x2.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 4 KB
4 KB 87ms
84ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/baLogo_x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad92025d166008673342cb0e3de44cef9ddd11e78ecd1c8d79380513d55f7993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 04:59:13 GMT
x-content-type-options: nosniff
age: 423732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4392
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Sep 2023 04:59:13 GMT

GET
H3 200 copy_frame02a_x2.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 3 KB
3 KB 92ms
90ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/copy_frame02a_x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

492ea1a1ee966f124ff703a08ca85a2ce9f53da93baf77e1db6b0938633c80d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 17:59:35 GMT
x-content-type-options: nosniff
age: 463310
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3330
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 17:59:35 GMT

GET
H3 200 copy_frame02b_x2.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 2 KB
2 KB 84ms
82ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/copy_frame02b_x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ee60c8817ff8d412e5d2b54e4b3a530d4766201798bf7d8d13ad64fe2c154c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 08:35:07 GMT
x-content-type-options: nosniff
age: 497178
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2286
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 08:35:07 GMT

GET
H3 200 copy_frame03a_x2.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 17 KB
17 KB 137ms
135ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/copy_frame03a_x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61f3dd341cbb2c53a94d5eee10dcb6498a4a88fb0b1289b79a14c688bf7c8058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 19:54:41 GMT
x-content-type-options: nosniff
age: 24404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17089
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 19:54:41 GMT

GET
H3 200 copy_terms_x2.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 7 KB
7 KB 108ms
106ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/copy_terms_x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e0d16a94cbec083874fbef45c6f6cf7bd1f442114dbce789a152809b7c9f0b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 19:54:41 GMT
x-content-type-options: nosniff
age: 24404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7243
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 19:54:41 GMT

GET
H3 200 receipt_part1.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 32 KB
32 KB 123ms
121ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/receipt_part1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81f0f0136144a585f335f42c8a6ee2d1adcc69c4df8205fc2f8b409f407aeb84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 08:35:07 GMT
x-content-type-options: nosniff
age: 497178
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32634
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 08:35:07 GMT

GET
H3 200 receipt_part2.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 6 KB
6 KB 100ms
98ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/receipt_part2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6baee42c5aa3adf24b0764c1c06487b77056f10859e8f3f9d4c1c3c1b2201d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 19:54:41 GMT
x-content-type-options: nosniff
age: 24404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6202
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 19:54:41 GMT

GET
H3 200 receipt_part3.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 6 KB
6 KB 115ms
114ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/receipt_part3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bc143dda31236ac3692e492fcfcc0c17bcc404b4d0e3dc13e9fd651ff54780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 19:54:41 GMT
x-content-type-options: nosniff
age: 24404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 19:54:41 GMT

GET
H3 200 cta_off_x2.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 2 KB
2 KB 94ms
92ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/cta_off_x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0423f9d17a56d47131c117695da8d5a6c2802e7d0cccc6aa2035d9fbe28a1abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 19:54:41 GMT
x-content-type-options: nosniff
age: 24404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1646
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 19:54:41 GMT

GET
H3 200 cta_on_x2.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 2 KB
2 KB 97ms
96ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/cta_on_x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9ff5bbd67f7d7e26bbd89bb4426493d4f6e7b8342570860a15f5640aedf78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 04:59:13 GMT
x-content-type-options: nosniff
age: 423732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1639
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Sep 2023 04:59:13 GMT

GET
H3 200 btnReplay_x2.png
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/ Frame 9C99 347 B
374 B 97ms
96ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/images/btnReplay_x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c355920560e593a5397c27c1ec924d4ba5441b36704fdbde859ee233724b92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 04:03:41 GMT
x-content-type-options: nosniff
age: 513464
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 347
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 04:03:41 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/js/ Frame 9C99 7 KB
2 KB 55ms
55ms Script
application/x-javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4beb8d67b5e70338802650c2f8c373afd1a6c29b1500c10c71ce0d1b431aaa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7880311553500728512/BA_AMEX_September_Refresh_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 04:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1856
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 15:08:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Sep 2023 04:59:13 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B3B8 43 B
216 B 378ms
104ms Image
image/gif 2600:1f18:1aca:4280:e955:3e30:9d62:70ae
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1161592&asId=66de48c3-b70f-80ca-79ec-0688792bccd9&tv=%7Bc:q8keid,pingTime:-2,time:87,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:811,beZ:813,mfA:815,cmA:817,inA:817,inZ:822,prA:822,prZ:834,si:842,poA:843,poZ:863,cmZ:863,mfZ:863,loA:882,loZ:884,ltA:899,ltZ:899%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tjlWR2W+11%7C12%7C13%7C14%7C1511%7C1512%7C16%7C1711%7C1712%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.1161592-65524591%7C1e1%7C1e2%7C1e3%7C1e4%7C1f,idMap:1e*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:31,sinceFw:55,readyFired:true%7D&br=c
Requested by: Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e955:3e30:9d62:70ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AEA 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 16:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 16:16:04 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 99ms
99ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 05 Oct 2022 02:41:25 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CBB1 42 B
64 B 161ms
78ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstciTcHaCld0ekl7SpJTQ007cQOTICLj0IJm9O11LoxkoZ0K_SUxsv-y8iDSxVlDT44QfGbh0I5prQuAMEyIkOHrt1ins0PRDPjX0HZMBk36uVv8FgqxDhfPt3vy4NLqrEHRk0ZDA&sai=AMfl-YSw6OofVZBW1GYyuLRynfeyu6cK_BjOFePQWwDRF4w4g3I6HqP24dDCxJ77HSw1E6HfJiV0jQWBBklCro4&sig=Cg0ArKJSzElLOJxs4GtWEAE&id=lidar2&mcvt=1003&p=0,0,124,1005&mtos=46,729,1003,1071,1071&tos=46,683,274,68,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664937684403&rpt=362&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B3B8 43 B
215 B 341ms
106ms Image
image/gif 2600:1f18:1aca:4280:e955:3e30:9d62:70ae
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1161592&asId=66de48c3-b70f-80ca-79ec-0688792bccd9&tv=%7Bc:q8keiP,time:125,type:e,env:%7Bgcd2:%7Bappl:1,cnst:0%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:125,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B118~0%5D,as:%5B118~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tjlWR2W+11%7C12%7C13%7C14%7C1511%7C1512%7C16%7C1711%7C1712%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.1161592-65524591%7C1e1%7C1e2%7C1e3%7C1e4%7C1f,idMap:1e*,rmeas:1,rend:0,renddet:DIV,siq:31%7D&br=c
Requested by: Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e955:3e30:9d62:70ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9AEA 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVEyL1e48Y4CyFaGl9u8P89a6oA8AAAAAOAHgBAI&bg=!QUKlQgbNAAYQgTJdMIE7ACkAdvg8WuO1vAdZNxWhkvj2XbX0Tf7WzD0fYSu6TLRpHotiP5puitw0FAIAAAB0UgAAAAFoAQeZAvugERIaVFAdynB1Vv_oz3piJBo--2jtdxCEj868HWCLzr1Tcho5eqVaQ8pnJQ4mZMtffcttG97rEG2DZoWufLPkipdZUV6v__7owzJfZMRQom3GFeRxwXFiOU4kQDmAk9umvSoRTMrO6x83AS2w_-sT3IIWfhb2kT2FKEVbqMZnmnORzE-yBgxNsSNNisSEU0JC9ipnqkz_6uRCuW9FxvcrwBQFqZboZ8nhIw_e7W85QnAXvbX9gDqOwR3JiJ9B473khzE8ZbxyBA5iifhaQBeZebALhAZhTKuigt0WEHD_U0_aLW1foIkrK4QepKV3Ay26Si5v-BqO6HOoS2xL5zBPPDxOl-UP9NXfLQmXTheVz5mlDVSsy5ysoVDKyPdb9U9HYH8Rt6xa5o3ptIZjqBqiYUU1uLsoowhPC-y0jx1llC7zGMeWcRqiElNq_W56yOC0dmYSlbRrWsEphtN8q3RZCzKZygpM8p0H_W51r2Ch2BP5oj9sOYCk6KRByV12qds0XniwrB_tM3yubZeak3KS_NCiuoJ0Diq-CnYISu242QNbkcQco1JlnyhqIYkCqsYvhnU52oOnDpPSTo1D9aE8JIurg4-3IKWxRNJJ-nzOlP1QyMHnkA4eLtfX-9JbStIH6_lTMLdYBif6o52NVnACfc-JY4QqP6U0hzWlDQJ3pj8cm0ctXyhMU1jXRw7azc2-xBSEdD86v6NNQsDmGFFtaH2sYGPbwfLGpJE2ICsMhuFiEVXonO7xQJTaDWePLlovBhksLVXvY5zbMoZbvJJ4kiMfic7sxO1nChhHfMXRjsa_GbVQOL68Zys_HA0FThIySDqCeuy78u-iu4cocm0kLyFVNRJHowCH3gyv61IDaI62wcqrmlzIfPXHCezyV6ZLj_dC9hqvopT8JIbIjbODDKHFOjM0zcvLxBQVztugFusp6NvSVPLX4ntFlGlGsZKctWgIEqlIxvRjLMjNmsNIUHLyk2SfHNiV46S9O7DOuiGMMiWb_CGE0sGD

Requested by

Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1930634461&t=timing&_s=8&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_h5.vdo.ai_ContentStart&utl=subject&utt=1418&_u=SACAAUABCAAAACgCI~&jid=&gjid=&cid=289627364.1664937684&tid=UA-113932176-40&_gid=873588498.1664937684&gtm=2oua30&z=1730175344

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 16:16:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37499
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 1648810245326246d905ebe51.ts Show response
h5.vdo.ai/media_file/subject/source/uploads/videos/ 425 KB
426 KB 102ms
101ms XHR
video/mp2t 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash: 0c836b8d2d72a0e242dfb57e9f67303f8bab4807342eb3e8ad046d1c0315c45d

Request headers

Referer: https://subject.com.ua/
vdoai: true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=453832-889239

Response headers

Date: Wed, 05 Oct 2022 02:41:26 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:11 GMT
Server: nginx/1.16.1
ETag: "62e47d37-cce09a8"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 453832-889239/214829480
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 435408
Expires: Thu, 05 Oct 2023 02:41:26 GMT

OPTIONS
H/1.1 204
No Content 1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 0
0 100ms
100ms Preflight
text/plain 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://subject.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 05 Oct 2022 02:41:26 GMT
Expires: Thu, 05 Oct 2023 02:41:26 GMT
Server: nginx/1.16.1

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B3B8 0
26 B 91ms
91ms Ping
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstoVIiYClL9lzjJVSXU9L8zQv1QRMMFtAi7Jwmtnd1vOJ1irCMpN8S9WSExW6n9yVtpBPv5te-E5rmyZXCL6BuD93RzUfRCDxGfmub8SGvuQMDVmKXqpggo0aQDjekJoz8x25u37dRq7U7vXzmO6dvo1cX8W8MKZmjzaJfvSwSfGyoJmUTxMZ2aaJVw_PCWy0XLxZcXwVUX3kZGr5GsfwBB9npSgD9TWpae_Zo5rhKQXbgs6kSyu6VaYReYHDwMHYKoe8oAfqE-s2devFtU8pTOEoLZdIx76EFYCun955ZPdte9oIcnB3rOQV-AbDZt01h0UmkTSY4_cih0ynnJ9AGyA7MmtbIm88rVktJnMUg0Jy5Tq0hyoWHHHMtZbHbTL0trkcdUt7NobbSXf49xBpB9-QdG-D8fhByQi0Bu9O0tHSYUtIFhO2SH4SL_Y6LY14z8GO6Q3tDXxuIuCZfdZ_s7OS6jp3-FxUtX_JsbPVayhyltKsj-bia1r0mGI4zayC-s2AtT96NSvQmFLnazLH67TG1p7lLR1fyxM7Mxb60ct1Ps0a3FUI9nx7ac_8LUa8jkLzysFIZi2Tsm2EYntbr8jFVOPl4z0H9HcGMw3egsXd9wt5fsoKebY-iqHYutzt8ISvPeyB_RadnySCmuvtXpPbPuR4JCLASXeln5zKwGXczV8Fzy1K87Aw8JbjJ6xv8BIq2T9Oq-W2TMUsEHfWgS5wdvJcQnNipJG_9ibiov7ys8l2LBQm19CVrtjILO2HEK1xhqboY-YQZ7HGwdZJi4SA77G2uU7dnd3bApP8ArPJAFVR2LiEFRuLmfIo_YlznANq1tdKJC39ycTpVApCXdHyWI8HhBl0nMbL64v1UJfmL-p7MfNbWDWTvIkGRgcfLdRJPNj8lkAEx9eulzdguyZegRj8uXioyqHymFPxh4JGsTStPglh1k-IPXuRh9TPTjvK760Fcrg5Xk1XsegBVAZqkiudEhpf3y7701AcSYAglMgvUPlFnLyjxnP0ILVz87MhHDwGMqoDN4PDdJCXSzO-FVkGQwqUlvmXmgKgUxTdOni81-qed21RVXeuyny0isO9NwfDypVhxBWHNMR_Im9u_RTlAGPNimnCwLzTX6atgpb9h8tUkcqscNFm4nSo1FVz3SlhmlPioJLjeiHHeG1Oi2D6OegHs9iLej5pUo8Ti0n5H1jlayJVyDlheOkxL9pFM4vby6MABGjZZXl3Qe9PmYXAX_PFKTj_Go5VG7H5eLA8ywphTz4Pt8pACJV4gVm06s8kDLhvl6sizA4pMhTME8KGTd&sai=AMfl-YRKLHG9hh8GuwCyrSgVZmY_UguBJA_RTRbQ3wGXXfTDNRq-vP2taM1d59FhsMCnOzsnIxu9IQSq9LJw-8y139s-pmxwK4WWX8sjMpGNydyqYJhDlP-nuWG5-P8uxQKUu_w_LiNF4SRpifPzPie-IhvxNQsXAzfV8Zy_sQ1gTZxhm2g47g5fIIhyJ5uZPF0IFz-70eMpscy5zTIg7zPTOoWlg2k&sig=Cg0ArKJSzM-2R912UUV4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=603&vt=11&dtpt=369&dett=3&cstd=231&cisv=r20220928.53833&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: subject.com.ua
URL: https://subject.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B3B8 43 B
215 B 105ms
104ms Image
image/gif 2600:1f18:1aca:4280:e955:3e30:9d62:70ae
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1161592&asId=66de48c3-b70f-80ca-79ec-0688792bccd9&tv=%7Bc:q8kep4,pingTime:-10,time:512,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1664937686250%7C%7C6f78f64d4c5199329a04f6a7f3cd0159%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C4e6f7a8fe42925f37f9b8515ea8a45f4%7C%7Cb29f41e786a288edc56bb98da9371ddd%7C%7Cc112413a5abf8f29dff6798fafc5c590%7C%7C48d2e144ddcf37a1d59b4cf3e1999389%7C%7C19decbceb9ade9f7423750a55225b124%7C%7C1663701684%7D
Requested by: Host: 9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
URL: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e955:3e30:9d62:70ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 206
Partial Content 1648810245326246d905ebe51.ts Show response
h5.vdo.ai/media_file/subject/source/uploads/videos/ 372 KB
372 KB 102ms
101ms XHR
video/mp2t 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash: 4b5bdc8b09debc3ea3e777a7ea40f27569cc293a737084a9633917a37b4f09f5

Request headers

Referer: https://subject.com.ua/
vdoai: true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=889240-1269751

Response headers

Date: Wed, 05 Oct 2022 02:41:26 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:11 GMT
Server: nginx/1.16.1
ETag: "62e47d37-cce09a8"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 889240-1269751/214829480
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 380512
Expires: Thu, 05 Oct 2023 02:41:26 GMT

OPTIONS
H/1.1 204
No Content 1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 0
0 100ms
100ms Preflight
text/plain 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://subject.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 05 Oct 2022 02:41:26 GMT
Expires: Thu, 05 Oct 2023 02:41:26 GMT
Server: nginx/1.16.1

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 56ms
56ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a5319736aa3e6e8df84e251f1581b324dc38b11544d4fdf6bcbd0190323f7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11141
x-xss-protection: 0

GET
H/1.1 200
OK prebid.js Show response
tag.eu.dev2pub.com/ 479 KB
479 KB 89ms
89ms Script
application/javascript 51.91.60.38
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.eu.dev2pub.com/prebid.js
Requested by: Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 860a918cf8f248e936c6a50f30f8c7a58aa92393f054e00e35fb18e5cd5c43db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:41:26 GMT
Last-Modified: Fri, 16 Sep 2022 15:30:34 GMT
Server: nginx
X-IPLB-Request-ID: D98AC46A:AB8C_335B3C26:01BB_633CEED3_1D9D41E3:ABC6
ETag: "6324969a-77ae3"
X-IPLB-Instance: 43024
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 490211

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Oct 2022 02:41:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57F6 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 24637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 19:50:49 GMT
expires: Wed, 04 Oct 2023 19:50:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1F8A 783 B
534 B 53ms
52ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

20ef7a75fad6a9f2c45225d92dfaee742bdbe39e8aaf06243afd295acaee1ce1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q-9NfmPeG27wi7m31Etsgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Q-9NfmPeG27wi7m31Etsgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:41:26 GMT
expires: Wed, 05 Oct 2022 02:41:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 206
Partial Content 1648810245326246d905ebe51.ts Show response
h5.vdo.ai/media_file/subject/source/uploads/videos/ 427 KB
428 KB 100ms
100ms XHR
video/mp2t 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash: 284429ccdc89fd7a58c118e3a020b14fb1043aef938875036adf5026f5b406c9

Request headers

Referer: https://subject.com.ua/
vdoai: true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=1269752-1707227

Response headers

Date: Wed, 05 Oct 2022 02:41:26 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:11 GMT
Server: nginx/1.16.1
ETag: "62e47d37-cce09a8"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 1269752-1707227/214829480
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 437476
Expires: Thu, 05 Oct 2023 02:41:26 GMT

OPTIONS
H/1.1 204
No Content 1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 0
0 100ms
100ms Preflight
text/plain 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://subject.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 05 Oct 2022 02:41:26 GMT
Expires: Thu, 05 Oct 2023 02:41:26 GMT
Server: nginx/1.16.1

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 57F6 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 16:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 16:16:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1F8A 0
0 74ms
74ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=4113382099885249&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f Show response
api.eu.dev2pub.com/api/public/Dev2Pub/ 3 KB
3 KB 79ms
79ms XHR
application/json 51.91.60.38
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.eu.dev2pub.com/api/public/Dev2Pub/d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f
Requested by: Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8fe004dcdfbf15beef99e806addd0edacc1addf8348d633d5a5e3452b2fa3db1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 Oct 2022 02:41:26 GMT
Server: nginx
X-IPLB-Request-ID: D98AC46A:ABB2_335B3C26:01BB_633CEED3_1DAE5434:10DC0
Content-Length: 2710
X-IPLB-Instance: 42215
Content-Type: application/json; charset=utf-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 57F6 0
12 B 40ms
40ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?G5jtUQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 206
Partial Content 1648810245326246d905ebe51.ts Show response
h5.vdo.ai/media_file/subject/source/uploads/videos/ 348 KB
349 KB 101ms
101ms XHR
video/mp2t 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash: 773cc6770aff186c7b9f766d128a51a138acc3700723cc57779272fbceeba337

Request headers

Referer: https://subject.com.ua/
vdoai: true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=1707228-2063863

Response headers

Date: Wed, 05 Oct 2022 02:41:26 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:11 GMT
Server: nginx/1.16.1
ETag: "62e47d37-cce09a8"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 1707228-2063863/214829480
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 356636
Expires: Thu, 05 Oct 2023 02:41:26 GMT

OPTIONS
H/1.1 204
No Content 1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 0
0 100ms
100ms Preflight
text/plain 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://subject.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 05 Oct 2022 02:41:26 GMT
Expires: Thu, 05 Oct 2023 02:41:26 GMT
Server: nginx/1.16.1

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B3B8 43 B
215 B 106ms
105ms Image
image/gif 2600:1f18:1aca:4280:e955:3e30:9d62:70ae
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1161592&asId=66de48c3-b70f-80ca-79ec-0688792bccd9&tv=%7Bc:q8kexW,time:1062,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1062,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1054~0%5D,as:%5B1054~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:109,fm:tjlWR2W+11%7C12%7C13%7C14%7C1511%7C1512%7C16%7C1711%7C1712%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.1161592-65524591%7C1e1%7C1e2%7C1e3%7C1e4%7C1f,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:31,sis:213%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e955:3e30:9d62:70ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D448 42 B
64 B 81ms
81ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNT5ZZ1HvNNCa2nnaNRZ7vrxIrjHoMtSJQyQFcrFIgJqN_lxrh8AbAdsriHmlFOJjjnS2k4wg3ro2OVocKjHuUas84O28Fvd1VI7J0P-TpPTWGPqRtc1zBbIm394MJWnpoIKnwRg&sai=AMfl-YS593eXVW9ZtIbfFIitygT_jMu6t-rL3-G58GyK6hMwjz1ZtIP7cexIyX6Vm6krdP06LZnyRJM7GoFSUuF4ocKKaydoWkx0_dQlo5a02IlY5FI-JE_o3kDJqmuIG7U&sig=Cg0ArKJSzGOAm0JR7qg2EAE&cid=CAASF-RolMH16XgfWfQgj0pxlWdKFWutd4SO&id=ampim&o=200,23&d=1200,400&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=383&tls=1384&g=100&h=100&tt=1384&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 1648810245326246d905ebe51.ts Show response
h5.vdo.ai/media_file/subject/source/uploads/videos/ 446 KB
446 KB 103ms
102ms XHR
video/mp2t 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash: 1b3880b4d7a8f4a2bc3824f8eaa69c4a65ee91d9010e2a3f925f5f28fb76b0f6

Request headers

Referer: https://subject.com.ua/
vdoai: true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=2063864-2520327

Response headers

Date: Wed, 05 Oct 2022 02:41:27 GMT
Last-Modified: Sat, 30 Jul 2022 00:37:11 GMT
Server: nginx/1.16.1
ETag: "62e47d37-cce09a8"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Content-Range: bytes 2063864-2520327/214829480
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 456464
Expires: Thu, 05 Oct 2023 02:41:27 GMT

OPTIONS
H/1.1 204
No Content 1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 0
0 102ms
102ms Preflight
text/plain 51.79.20.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns566706.ip-51-79-20.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://subject.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 05 Oct 2022 02:41:27 GMT
Expires: Thu, 05 Oct 2023 02:41:27 GMT
Server: nginx/1.16.1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=4113382099885249&bg=!tbaltvLNAAYQgTJdMIE7ACkAdvg8WmHbYfp_dxFnh2XBMaFcSXLYyMvqcYmas9hz1zPsZf0wp5RAoQIAAABUUgAAAANoAQeZArX9SKTWQbjIpcVYZcCOH91XB_-s_rm7o2GVJ1y-6A80Hc_hRkicGGJFwTXoSj70Nl0lH9IB5Z-_dQYkd5pvMSpuJRzC4YUF2jLT2Rmv_eUWwhwXhDn2jrePXhqc8uAj-21B2CwPkYwL4Ur3xH2ljYsbDlUY2Zy5QqcF5sli3SlXFxFHeXJi5LVp1qX2dIz6vRhJjkahR8rag5Yv6nABXWePJqqDNu6cZfrxTgnFgeA2cxy3v6mFjV-wBQGKH6q4Spj0osv2fl1tku9Gl42UOhjzAnl7D5REQG7DhIqtTv_-sXJ6MjQLryJ54m97tKGniUI9Tc8VkMbzM8mU4bdWywQvr2NT-gltxg0HbCb_3ULj1jBwKnWXAw5Ytc8U1KpUoxn-JqZcpJ6vEAD6kGpbIs3t7Hf6IiPFiabx6qshJQW6tXE99LxAExjrE8rRKZWI6OQb0VEcxWshwdwJ-QQVSHrILvEguwAwEPcWXhllX3qcZCa0rtOFB7wW0sV60MWI_u-SgyDDwqDyBgPa5pGhsce3z7v2nIPJEIoBTxkty6CGnUakqHqyVSyHNNrS_O-bpLwfRe_RTzuHm-vVwI6BR8QLiBWykCwv4KfFR7RHRto3iD2_MVtPgeVLNPAVFBZS7eowyEOIb_zy9EJdeCLhzvdxxIWmHBhDd6tbMZNFo8wioLLwjrlZ3MMhel2rCh1vFdR67eugD997PpF9CDY1_cPRDAcz2L6Ru5oRcACb6wfnR1GnklAWRSMBPhoFEXIC9EnNk2_S8pmam7o2tYY3aAEkoVZjmVQcR63DVX0gZfFBUJytQly8M5KkrEKl114BY5YkRJaQ-k27FFufiB8YywlV5tI28LC83XR8qn4QpFEfwv_kJrA58IfK4PjW8fb9srKR1qelBMz1oP2u7NVZ2vFIsiwkS9c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 206ms
55ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://subject.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 05 Oct 2022 02:41:26 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 512327
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=gsCkt3xaa1EvU2R3RmlNbzFzdE8xbGY0WFJsdXlHQW1hWlV5UVpkNTJNT1pYcHdRVURsOE04djB2TVVGQ0NoZDJVZ1g5SDBROWhFeS9mNHVyMTh4RmtBeEV4SXhxRTJTWDVqaG1ZN0NNakgwNUlJdEh2TzhEejFmS3NqNU...

351 B
642 B

108ms
36ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gsCkt3xaa1EvU2R3RmlNbzFzdE8xbGY0WFJsdXlHQW1hWlV5UVpkNTJNT1pYcHdRVURsOE04djB2TVVGQ0NoZDJVZ1g5SDBROWhFeS9mNHVyMTh4RmtBeEV4SXhxRTJTWDVqaG1ZN0NNakgwNUlJdEh2TzhEejFmS3NqNU1MakxQaEIvck1Hc0g3Z3FPOVJWVEx0ZVRZa3NVMjF6VE9FVVdWRVdNaEdqaFVQcEEzR0RoQTBodXJ2NUpNZWErTUY4S1BvZHVkcFV3eGJ5S280aTFyT2xaRnNuVVN4RmZFSkQ5Y3pYQlMyTzFFUnZrWWhzPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eece307c25b22215ad5d34f5701eefdd568077f17da452d380488e9166aec71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1074078
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=gsCkt3xaa1EvU2R3RmlNbzFzdE8xbGY0WFJsdXlHQW1hWlV5UVpkNTJNT1pYcHdRVURsOE04djB2TVVGQ0NoZDJVZ1g5SDBROWhFeS9mNHVyMTh4RmtBeEV4SXhxRTJTWDVqaG1ZN0NNakgwNUlJdEh2TzhEejFmS3NqNU1MakxQaEIvck1Hc0g3Z3FPOVJWVEx0ZVRZa3NVMjF6VE9FVVdWRVdNaEdqaFVQcEEzR0RoQTBodXJ2NUpNZWErTUY4S1BvZHVkcFV3eGJ5S280aTFyT2xaRnNuVVN4RmZFSkQ5Y3pYQlMyTzFFUnZrWWhzPXw&cppv=2
access-control-allow-origin: https://subject.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 520602
content-length: 0
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
389 B 152ms
40ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 9180ad871ed5efd85e07dd24de1cf7d233d0a20404a7585f90adbea4ac90e067

Request headers

Referer: https://subject.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subject.com.ua
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 04 Nov 2022 02:41:27 GMT

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame 8377 4 KB
955 B 132ms
111ms Document
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa792b4617092f363ec1236478517c4ddb8cb753942313ed5ea00ccc9f036756

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7552cc61cdf871db-LHR
content-encoding: gzip
content-type: text/html
date: Wed, 05 Oct 2022 02:41:27 GMT
server: cloudflare

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame 18CC 4 KB
1016 B 130ms
113ms Document
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29eff119b8ef64781433bec315830452c69b02d45344afddee35723ee408e0c7

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7552cc61cdf771db-LHR
content-encoding: gzip
content-type: text/html
date: Wed, 05 Oct 2022 02:41:27 GMT
server: cloudflare

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EC0B 52 KB
17 KB 127ms
28ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 75417
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 05 Oct 2022 02:41:27 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 5, 304268
X-Served-By: cache-lga13626-LGA, cache-lcy19272-LCY
X-Timer: S1664937687.409587,VS0,VE0

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame B10E 4 KB
1 KB 116ms
109ms Document
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa792b4617092f363ec1236478517c4ddb8cb753942313ed5ea00ccc9f036756

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7552cc61cdf571db-LHR
content-encoding: gzip
content-type: text/html
date: Wed, 05 Oct 2022 02:41:27 GMT
server: cloudflare

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1080 52 KB
17 KB 119ms
29ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 75417
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 05 Oct 2022 02:41:27 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 5, 305822
X-Served-By: cache-lga13626-LGA, cache-lcy19257-LCY
X-Timer: S1664937687.409529,VS0,VE0

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame B39C 477 B
410 B 71ms
70ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Wed, 05 Oct 2022 02:41:27 GMT
last-modified: Tue, 04 Oct 2022 06:09:56 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BB74 15 KB
6 KB 222ms
60ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105192
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 02:41:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 06 Oct 2022 07:54:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame C0DF 4 KB
967 B 107ms
106ms Document
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89c532f294a91ddb4bd97fa91878aea5061b02856fba5e297cdb60f29932cbd

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7552cc61de0471db-LHR
content-encoding: gzip
content-type: text/html
date: Wed, 05 Oct 2022 02:41:27 GMT
server: cloudflare

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 841C 477 B
319 B 72ms
70ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Wed, 05 Oct 2022 02:41:27 GMT
last-modified: Tue, 04 Oct 2022 06:09:56 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2951 15 KB
6 KB 210ms
61ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105192
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 02:41:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 06 Oct 2022 07:54:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 66F6 15 KB
6 KB 207ms
63ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105192
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 02:41:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 06 Oct 2022 07:54:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 04D9 15 KB
6 KB 262ms
122ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105192
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 02:41:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 06 Oct 2022 07:54:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame E392 0
0 46ms
43ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1664937684073&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame 2D7D 4 KB
1006 B 113ms
112ms Document
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa792b4617092f363ec1236478517c4ddb8cb753942313ed5ea00ccc9f036756

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7552cc620e1971db-LHR
content-encoding: gzip
content-type: text/html
date: Wed, 05 Oct 2022 02:41:27 GMT
server: cloudflare

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8F37 15 KB
6 KB 254ms
130ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105192
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 02:41:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 06 Oct 2022 07:54:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1F90 52 KB
17 KB 88ms
29ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 75417
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 05 Oct 2022 02:41:27 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 5, 304174
X-Served-By: cache-lga13626-LGA, cache-lcy19263-LCY
X-Timer: S1664937687.431886,VS0,VE0

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 2E63 477 B
319 B 72ms
71ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Wed, 05 Oct 2022 02:41:27 GMT
last-modified: Tue, 04 Oct 2022 06:09:56 GMT
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame ED4C 52 KB
17 KB 95ms
31ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 75417
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 05 Oct 2022 02:41:27 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 5, 303859
X-Served-By: cache-lga13626-LGA, cache-lcy19249-LCY
X-Timer: S1664937687.443558,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1D78 52 KB
17 KB 91ms
30ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 75417
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 05 Oct 2022 02:41:27 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 5, 304269
X-Served-By: cache-lga13626-LGA, cache-lcy19272-LCY
X-Timer: S1664937687.443716,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame BC3D 0
0 54ms
41ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1664937684115&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 3A82 477 B
319 B 84ms
73ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Wed, 05 Oct 2022 02:41:27 GMT
last-modified: Tue, 04 Oct 2022 06:09:56 GMT
server: nginx
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame DFAF 0
0 50ms
41ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1664937684072&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 6561 477 B
319 B 79ms
72ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://subject.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Wed, 05 Oct 2022 02:41:27 GMT
last-modified: Tue, 04 Oct 2022 06:09:56 GMT
server: nginx
vary: Accept-Encoding

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=4528753815651806677

0
426 B

56ms
42ms

Image
text/plain

18.194.202.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=4528753815651806677
Protocol: H2
Server: 18.194.202.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-202-243.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
AN-X-Request-Uuid: a20eed6e-ab67-45da-9a1d-3e3260d817e4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=4528753815651806677
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ 0
191 B 175ms
33ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:26 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 52ms
44ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined
https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined&verify=true
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A&gdpr=0&gdpr_consent=

0
637 B

52ms
52ms

Image
text/plain

18.194.202.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 18.194.202.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-202-243.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

location: https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A&gdpr=0&gdpr_consent=
date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=6115277519388051971

0
517 B

42ms
41ms

Image
text/plain

18.194.202.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=6115277519388051971
Protocol: H2
Server: 18.194.202.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-202-243.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

location: https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=6115277519388051971
date: Wed, 05 Oct 2022 02:41:27 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dvidoo...
https://x.bidswitch.net/sync?dsp_id=354&user_id=6537b1b789914cb1a30239d546f133e8&ssp=vidoomy&bsw_param=450949e0-01ce-4525-9ca6-0d0fd1816f28&gdpr=&consent=&gdpr_pd=&expires=7
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=450949e0-01ce-4525-9ca6-0d0fd1816f28

43 B
331 B

187ms
84ms

Image
image/gif

18.194.202.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=450949e0-01ce-4525-9ca6-0d0fd1816f28
Protocol: H2
Server: 18.194.202.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-202-243.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:28 GMT
content-encoding: none
server: fasthttp
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=450949e0-01ce-4525-9ca6-0d0fd1816f28
Date: Wed, 05 Oct 2022 02:41:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
rtb.adxpremium.services/
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=0&gdpr_consent=&us_privacy=&uid=6115277519388051971

86 B
596 B

51ms
50ms

Image
image/png

148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=0&gdpr_consent=&us_privacy=&uid=6115277519388051971
Protocol: HTTP/1.1
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://subject.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 86
vary: Origin
content-type: image/png

Redirect headers

location: https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=0&gdpr_consent=&us_privacy=&uid=6115277519388051971
date: Wed, 05 Oct 2022 02:41:27 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame B39C 45 KB
16 KB 288ms
118ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 4fbad1c338dff8857c1df524f5d2bf5220339197ae3c67e40b5d9dce6288e34a

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
content-encoding: br
last-modified: Tue, 04 Oct 2022 15:40:40 GMT
server: nginx
etag: W/"c87cc3a18c31cb8edfda9b764a5b5b11"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame 841C 45 KB
16 KB 276ms
119ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 4fbad1c338dff8857c1df524f5d2bf5220339197ae3c67e40b5d9dce6288e34a

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
content-encoding: br
last-modified: Tue, 04 Oct 2022 15:40:40 GMT
server: nginx
etag: W/"c87cc3a18c31cb8edfda9b764a5b5b11"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 204 /
s.ad.smaato.net/c/ Frame B10E 0
240 B 196ms
52ms Image
text/plain 2600:9000:211a:dc00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:dc00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: no-cache, must-revalidate
via: 1.1 4a5fd700eeb5cfa099084cd70fa5bf54.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: 40iobBdbtozTVv-8Vpd7XQA5MrutE9nyTvG4KcLD3G6N7777_TRnnQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

setuid
sync.quantumdex.io/ Frame B10E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677

43 B
105 B

114ms
111ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc634f0071db-LHR
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
AN-X-Request-Uuid: 46f50f47-545f-4de7-8650-d43c63f4278c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame B10E
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5

43 B
94 B

182ms
173ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc64bff471db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame B10E 0
282 B 143ms
43ms Image
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Oct 2022 02:41:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame B10E 43 B
1 KB 52ms
43ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 05 Oct 2022 02:41:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame B10E 0
34 B 198ms
46ms Image
text/plain 52.29.139.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.139.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-139-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame B10E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A

43 B
94 B

189ms
188ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc649fe171db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A
date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
sync.quantumdex.io/ Frame B10E
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

43 B
94 B

110ms
110ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc647fce71db-LHR
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 05 Oct 2022 02:41:27 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame B10E
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ssp.disqus.com/match?bidder=12&buyeruid=FbYhuRZH6ChTpOTIQRKeRQCD&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG...
https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0Nj...
https://ssp.disqus.com/match?bidder=18&buyeruid=e234028c-d462-45d5-9193-e9108400b814&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZX...
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac

43 B
117 B

110ms
110ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc6c1c6871db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:28 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 8377 0
240 B 190ms
52ms Image
text/plain 2600:9000:211a:dc00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:dc00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: no-cache, must-revalidate
via: 1.1 4a5fd700eeb5cfa099084cd70fa5bf54.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: TyCWmdBtEaxlG9lc-VCc_LhG4mXXMEruUducvHiSYnHqLzws-p_jwg==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8377
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677

43 B
94 B

120ms
120ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc634f0771db-LHR
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
AN-X-Request-Uuid: 39bab197-29ab-4f84-a3b9-b996d2e1814b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8377
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5

43 B
94 B

185ms
176ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc64bff571db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 8377 0
282 B 144ms
49ms Image
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Oct 2022 02:41:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame 8377 43 B
1 KB 78ms
41ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 05 Oct 2022 02:41:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 8377 0
35 B 182ms
46ms Image
text/plain 52.29.139.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.139.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-139-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8377
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A

43 B
94 B

112ms
111ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc649fdf71db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A
date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8377
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

43 B
94 B

106ms
106ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc647fd071db-LHR
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 05 Oct 2022 02:41:27 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 8377
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ssp.disqus.com/match?bidder=12&buyeruid=FbYhuRZHVgr8OSm2Q3OMubQ5&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG...
https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0Nj...
https://ssp.disqus.com/match?bidder=18&buyeruid=e234028c-d462-45d5-9193-e9108400b814&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZX...
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac

43 B
94 B

110ms
110ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc6cdcdb71db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:29 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 18CC 0
282 B 156ms
42ms Image
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Oct 2022 02:41:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 18CC
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5

43 B
94 B

192ms
183ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc64bff771db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame 18CC 43 B
1 KB 108ms
44ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 05 Oct 2022 02:41:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 18CC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677

43 B
94 B

111ms
110ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc635f1371db-LHR
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
AN-X-Request-Uuid: 6a4a9a5e-53fe-441c-b0fd-a3d92b27bbaf
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 18CC 0
241 B 135ms
54ms Image
text/plain 2600:9000:211a:dc00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:dc00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: no-cache, must-revalidate
via: 1.1 4a5fd700eeb5cfa099084cd70fa5bf54.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: UrrCpkPGAVtP_v3TtjkG_QZzyb1DvBDD9qoW5FVEZDgOboo9WKSh6w==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

setuid
sync.quantumdex.io/ Frame 18CC
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

43 B
94 B

105ms
105ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc647fd171db-LHR
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 05 Oct 2022 02:41:27 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 18CC 0
34 B 166ms
47ms Image
text/plain 52.29.139.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.139.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-139-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 18CC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A

43 B
94 B

187ms
187ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc649fdd71db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A
date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
sync.quantumdex.io/ Frame 18CC
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0Nj...
https://ssp.disqus.com/match?bidder=18&buyeruid=e234028c-d462-45d5-9193-e9108400b814&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZX...
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ssp.disqus.com/match?bidder=12&buyeruid=FbYhuRZHVgr8OSm2Q3OMubQ5&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG...
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac

43 B
94 B

105ms
105ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc6dad6d71db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:29 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame B071 1 KB
854 B 240ms
135ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b357ec50a804d53379e372d5ccdc3243ddd95fe0fb0b5aa30abdae6a8b28e0ba

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7552cc636cd67437-LHR
content-encoding: br
content-type: text/html
date: Wed, 05 Oct 2022 02:41:27 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08IVpmZs46pr6epf16zwkB1syRUdS0EYueEhq91zLIRLaRi8my3UwFuy2TP0lZfT20tIrGjkJOKFU1eU1Oh8v%2FlZrOnHCqjuoe0BF6J4hefMqoMx9E5Ri7BzCm3xuHX1Om2xnzn5vFgYng%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 191F 15 KB
6 KB 140ms
126ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105192
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 02:41:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 06 Oct 2022 07:54:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1A7A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

281 B
554 B

133ms
41ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 05 Oct 2022 02:41:27 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 05 Oct 2022 02:41:27 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server: AkamaiGHost

GET
H2 204 /
onetag-sys.com/usync/ Frame 5728 0
0 44ms
41ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame E249 0
0 177ms
34ms Document
text/plain 213.19.147.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame C0DF
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

43 B
94 B

112ms
112ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc647fcf71db-LHR
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 05 Oct 2022 02:41:27 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame C0DF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A

43 B
94 B

177ms
176ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc649fe071db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A
date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
sync.quantumdex.io/ Frame C0DF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677

43 B
94 B

105ms
105ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc640f8871db-LHR
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
AN-X-Request-Uuid: e8539d78-9c93-45b8-8e6d-302ce4e8a372
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame C0DF 0
240 B 78ms
53ms Image
text/plain 2600:9000:211a:dc00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:dc00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: no-cache, must-revalidate
via: 1.1 4a5fd700eeb5cfa099084cd70fa5bf54.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: rHQ1yb4TJ65jO56bA1i-3QMOXPIXmHIszhmhmDKobAfrCbVcLayN9g==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

setuid
sync.quantumdex.io/ Frame C0DF
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5

43 B
94 B

182ms
173ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc64bff671db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame C0DF
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3lu...
https://ssp.disqus.com/match?bidder=6&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM...
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ssp.disqus.com/match?bidder=12&buyeruid=FbYhuRZHVgr8OSm2Q3OMubQ5&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG...
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac

43 B
117 B

111ms
110ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc6aeb9771db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:28 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame C0DF 0
34 B 111ms
47ms Image
text/plain 52.29.139.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.139.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-139-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame C0DF 0
282 B 112ms
50ms Image
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Oct 2022 02:41:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame C0DF 43 B
1 KB 56ms
43ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 05 Oct 2022 02:41:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 6C59 2 KB
1 KB 172ms
80ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc894a7f9bde3bf4ba239b027c0f4b9f9b017488a7fe5bdf2e970e424286387

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7552cc636cd77437-LHR
content-encoding: br
content-type: text/html
date: Wed, 05 Oct 2022 02:41:27 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlFIdc2%2FuprSgJeb%2Bc0vqdVtn1aeH4WaApu9Hnobs0CEJDON0HVa86FB0EekQUfaZnGhNkyixK%2BxGdS8xf74Yhm5J2%2F2o5GHoY%2BtJ4WaJSHl3zq%2BoxUk6W2QCsT0coAPce9XodVx0DN3KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6747 15 KB
6 KB 137ms
135ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105192
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 02:41:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 06 Oct 2022 07:54:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame BD6D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

281 B
554 B

133ms
40ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 05 Oct 2022 02:41:27 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 05 Oct 2022 02:41:27 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server: AkamaiGHost

GET
H2 204 /
onetag-sys.com/usync/ Frame 37EA 0
0 43ms
41ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame 4C44 0
0 164ms
35ms Document
text/plain 213.19.147.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame 2E63 45 KB
16 KB 198ms
119ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 4fbad1c338dff8857c1df524f5d2bf5220339197ae3c67e40b5d9dce6288e34a

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
content-encoding: br
last-modified: Tue, 04 Oct 2022 15:40:40 GMT
server: nginx
etag: W/"c87cc3a18c31cb8edfda9b764a5b5b11"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 8098 2 KB
878 B 163ms
88ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006e093146b2a93473d6c1d45c76a0dfefeb2f463e2fbfc3a49aeee235a5ada8

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7552cc636cd97437-LHR
content-encoding: br
content-type: text/html
date: Wed, 05 Oct 2022 02:41:27 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjNEgRDdfijsAY6iF5RFJRc0WbmlbwO7DGmRTz3JES8eSKhjREZsTc5edlcbQgObwFVtujyuPrsX2Ct%2Fv9gxvS5vBTRd2sg5q45iP9fyxVMwUC1dEwwTIcJigrNJ8q0Ri6Zzd6IBcUSKtA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame A08A 0
0 152ms
34ms Document
text/plain 213.19.147.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame C99F 0
0 41ms
41ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 873C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

281 B
554 B

133ms
41ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 05 Oct 2022 02:41:27 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 05 Oct 2022 02:41:27 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B942 15 KB
6 KB 122ms
122ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105192
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 02:41:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 06 Oct 2022 07:54:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame 6561 45 KB
16 KB 171ms
119ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 4fbad1c338dff8857c1df524f5d2bf5220339197ae3c67e40b5d9dce6288e34a

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
content-encoding: br
last-modified: Tue, 04 Oct 2022 15:40:40 GMT
server: nginx
etag: W/"c87cc3a18c31cb8edfda9b764a5b5b11"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame 3A82 45 KB
16 KB 164ms
120ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=76655694811790700000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 4fbad1c338dff8857c1df524f5d2bf5220339197ae3c67e40b5d9dce6288e34a

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
content-encoding: br
last-modified: Tue, 04 Oct 2022 15:40:40 GMT
server: nginx
etag: W/"c87cc3a18c31cb8edfda9b764a5b5b11"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 204 /
s.ad.smaato.net/c/ Frame 2D7D 0
239 B 81ms
54ms Image
text/plain 2600:9000:211a:dc00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:dc00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: no-cache, must-revalidate
via: 1.1 4a5fd700eeb5cfa099084cd70fa5bf54.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: EUd8FXxefyZe9j5yko-IiQcMhID-36nAmUvM8ev2h58p1aFBs7srQw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

setuid
sync.quantumdex.io/ Frame 2D7D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677

43 B
94 B

110ms
109ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc640f8771db-LHR
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
AN-X-Request-Uuid: c392679b-1b7d-45b1-a577-ca640de99111
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4528753815651806677
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 2D7D
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5

43 B
94 B

131ms
131ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc644fb271db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=e2d0fd9c-1488-5216-84b0-b172e78c5fa5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 2D7D 0
282 B 72ms
50ms Image
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Oct 2022 02:41:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame 2D7D 43 B
1 KB 44ms
41ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 05 Oct 2022 02:41:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 2D7D 0
34 B 71ms
47ms Image
text/plain 52.29.139.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.139.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-139-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 2D7D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A

43 B
94 B

110ms
109ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc644fb171db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OKj6halE2uFkvw6nKinJG_nYy1PWjfx2Lm484IE-~A
date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
sync.quantumdex.io/ Frame 2D7D
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

43 B
94 B

105ms
105ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc647fcd71db-LHR
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 05 Oct 2022 02:41:27 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 2D7D
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3lu...
https://ssp.disqus.com/match?bidder=6&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTgyMzkyODBhLWJhZjAtM...
https://ce.lijit.com/merge?pid=279534&3pid=ua-8239280a-baf0-3ddd-9868-061919464cac&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ssp.disqus.com/match?bidder=12&buyeruid=FbYhuRZHVgr8OSm2Q3OMubQ5&r=Cid1YS04MjM5MjgwYS1iYWYwLTNkZGQtOTg2OC0wNjE5MTk0NjRjYWMqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG...
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac

43 B
94 B

112ms
111ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc6aeb9871db-LHR
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-8239280a-baf0-3ddd-9868-061919464cac
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:28 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 10B7 15 KB
6 KB 80ms
77ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105192
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 02:41:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 06 Oct 2022 07:54:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame A017 2 KB
922 B 101ms
81ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e9f3d807edf01ce38b445a2264b4567c5679f0a4370b2a2646590b886e5a34d

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7552cc636cd87437-LHR
content-encoding: br
content-type: text/html
date: Wed, 05 Oct 2022 02:41:27 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FDs%2Fe1u5qwvM54P4lLQObn8mtn8irmMbyeJsYEflzMwzwlXpJlu%2B2q4TexBgcXMDrMekv6JWqMFt5WAzHYMBWX6HHQtQKXbz3UuM0tvW4VWnRY6us6wz41uCc5uPFAU2vxCGPNdE3oGCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5A2C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

281 B
554 B

133ms
42ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 05 Oct 2022 02:41:27 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 05 Oct 2022 02:41:27 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server: AkamaiGHost

GET
H2 204 /
onetag-sys.com/usync/ Frame ED09 0
0 41ms
41ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame 9911 0
0 93ms
33ms Document
text/plain 213.19.147.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame EE60 1 KB
822 B 78ms
77ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d242000996f6ecc514044ab6113f45b937dcaf9a0a3ba937de5733215205fb

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7552cc638cee7437-LHR
content-encoding: br
content-type: text/html
date: Wed, 05 Oct 2022 02:41:27 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVm5c91%2FvQc7wNkgI2%2FLnBfx3Rmzpb7hoDHc%2Bb1%2Fx7inCBPYk38EwYBzxYgSZOJBMzgTm17Z97mqnh21oczAjLSRYKmQqSQlJFP6C50cASK68XoJYpLD0yjlPEGH3ymm46loQW%2BnPQHRhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1974 15 KB
6 KB 70ms
69ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=105192
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 02:41:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 06 Oct 2022 07:54:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9B0C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

281 B
554 B

131ms
42ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 05 Oct 2022 02:41:27 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 05 Oct 2022 02:41:27 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server: AkamaiGHost

GET
H2 204 /
onetag-sys.com/usync/ Frame 2C44 0
0 63ms
49ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame F411 0
0 46ms
33ms Document
text/plain 213.19.147.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 165ms
36ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 05 Oct 2022 02:41:27 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 451288
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6C59
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&dcc=t

43 B
855 B

123ms
123ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5PHDKXQCC23Y14QMSC5R
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: D67VR758BD6VG2CYG65W
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 6C59
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1

43 B
889 B

124ms
79ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkHL73MB%2FJeT5LY7zEm5uFu8Bk62pu45CNxqgD2uE0mrPg0V9YxyxX9hYp6Upesz91e197AwGV%2BFiH2MwqUTF%2B4%2BXAPrFnWLXth%2BNqkQjfgewTiWU%2B%2By8nWkBFf%2Bo0VycmCynF5%2BW39%2ByA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7552cc6508b7892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6C59 70 B
264 B 48ms
39ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6C59 43 B
603 B 179ms
48ms Image
image/gif 2a05:d018:d29:3605:c283:2fe6:5625:9484
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:c283:2fe6:5625:9484 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6C59
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vDeLtLKg1OFUlF5

43 B
766 B

62ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vDeLtLKg1OFUlF5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0db4e5e2a65977bf5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vDeLtLKg1OFUlF5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6C59
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2c2d633c-eed7-4500-a154-8b1bfe39030f

43 B
766 B

43ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2c2d633c-eed7-4500-a154-8b1bfe39030f
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: MT3 4539 98cc2da master zrh-pixel-x24 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2c2d633c-eed7-4500-a154-8b1bfe39030f
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 05 Oct 2022 02:41:27 GMT

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 6C59 43 B
408 B 170ms
41ms Image
image/gif 72.251.241.204
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
server: Cowboy
Content-Type: image/gif
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
X-RealServer-NX: ams-delivery-6
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6C59
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6115277519388051971&expiration=1666147287

43 B
766 B

120ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6115277519388051971&expiration=1666147287
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6115277519388051971&expiration=1666147287
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 setuid
sync.quantumdex.io/ Frame 6C59 43 B
94 B 194ms
185ms Image
image/gif 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc64bffc71db-LHR
content-length: 43
content-type: image/gif

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame A017 70 B
264 B 40ms
39ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A017
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&dcc=t

43 B
855 B

131ms
131ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1X4NYZBA8V15MY7Y68TD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H1EHG2Q8ET72HH6MKJH6
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame A017
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1

43 B
846 B

70ms
70ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zK%2Fqu5f%2ByMnyXrmErVhu0lg5P%2B%2BERnaYltuzGqlDdKSTXZ1078ODiFsZ5L86cg0GLScUPbECZdkSjE4haom2zDupZDr6XaEjNneOmKs%2Bu5MdIjROOtTggYvtmsMRsZDgwThbRXZEaro8oA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7552cc6528d1892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A017 43 B
602 B 179ms
48ms Image
image/gif 2a05:d018:d29:3605:c283:2fe6:5625:9484
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:c283:2fe6:5625:9484 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame A017
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665024087

43 B
766 B

59ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665024087
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665024087
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A017
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4528753815651806677

43 B
766 B

113ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4528753815651806677
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
AN-X-Request-Uuid: b672727d-0db4-417e-a5fb-b089ec46339d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4528753815651806677
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A017
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7944987500643317189

43 B
766 B

70ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7944987500643317189
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7944987500643317189
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A017
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3951633c-eed7-4f00-93d5-281b5eef9388

43 B
766 B

43ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3951633c-eed7-4f00-93d5-281b5eef9388
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: MT3 4539 98cc2da master zrh-pixel-x30 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3951633c-eed7-4f00-93d5-281b5eef9388
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 05 Oct 2022 02:41:27 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame A017 43 B
94 B 184ms
176ms Image
image/gif 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc64bffd71db-LHR
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8098
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4528753815651806677

43 B
766 B

120ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4528753815651806677
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
AN-X-Request-Uuid: 2cad2373-603a-4764-8de1-3b187e86384b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4528753815651806677
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 503 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 8098 0
177 B 100ms
28ms Image
text/plain 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664937688.820645,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-lcy19240-LCY

GET
H2

200

Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8098
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB

43 B
602 B

102ms
49ms

Image
image/gif

2a05:d018:d29:3605:c283:2fe6:5625:9484
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Server

2a05:d018:d29:3605:c283:2fe6:5625:9484 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB
date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 8098 43 B
433 B 167ms
39ms Image
image/gif 54.194.213.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.213.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-213-220.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8098
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PW578W44LKUmOHmqbWtloz1reKcmaXynbTi_p-M6

43 B
766 B

74ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PW578W44LKUmOHmqbWtloz1reKcmaXynbTi_p-M6
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PW578W44LKUmOHmqbWtloz1reKcmaXynbTi_p-M6
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 8098
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1

43 B
845 B

109ms
108ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7hYSnR%2Bi8yRgW0G46zdU0tAxNEyaAZ%2BvopDEk43zz42mX5HU6cnTggvHKsHoVSjXO9%2BWlsE3ouatmpLqQPTXlKxsW8yUkproUFVJs2suZ72T80edM5QTKQfpo%2Bh8o8Wc%2Fn8SGH2CxXNSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7552cc6528d3892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0cgaNeHOodMetYye5tE3Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame 8098
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4528753815651806677

43 B
766 B

145ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4528753815651806677
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
AN-X-Request-Uuid: 26a1ec30-4574-4b32-b99b-cf06ff02adcc
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4528753815651806677
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8098
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7584699530453677509

43 B
766 B

71ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7584699530453677509
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7584699530453677509
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 setuid
sync.quantumdex.io/ Frame 8098 43 B
94 B 189ms
185ms Image
image/gif 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc64bfff71db-LHR
content-length: 43
content-type: image/gif

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame EE60 0
191 B 33ms
32ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame EE60 42 B
181 B 138ms
39ms Image
image/gif 52.213.169.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.169.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-169-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EE60
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3CysAFAaSP5aeXAtwnTY_tmKxGo

43 B
766 B

120ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3CysAFAaSP5aeXAtwnTY_tmKxGo
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3CysAFAaSP5aeXAtwnTY_tmKxGo
Date: Wed, 05 Oct 2022 02:41:27 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame EE60
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821885255272

43 B
766 B

79ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821885255272
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821885255272
Date: Wed, 05 Oct 2022 02:41:27 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame EE60
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=89c6958b-99c8-27eb-51aa5196

43 B
766 B

100ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=89c6958b-99c8-27eb-51aa5196
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Wed, 05 Oct 2022 02:41:27 GMT
via: 1.1 google
server: nginx/1.22.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=89c6958b-99c8-27eb-51aa5196
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame EE60 43 B
433 B 167ms
40ms Image
image/gif 54.194.213.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.213.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-213-220.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame EE60
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
766 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame EE60 43 B
408 B 181ms
48ms Image
image/gif 72.251.241.204
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
server: Cowboy
Content-Type: image/gif
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
X-RealServer-NX: ams-delivery-6
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame EE60 43 B
94 B 117ms
115ms Image
image/gif 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc64c80871db-LHR
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B071
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D397A0B8CA5D4AA2B4FB91211282FE57

43 B
766 B

112ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D397A0B8CA5D4AA2B4FB91211282FE57
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D397A0B8CA5D4AA2B4FB91211282FE57
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Oct 2022 02:41:27 GMT

GET
H2 204 /
csync.loopme.me/ Frame B071 0
131 B 123ms
49ms Image
text/plain 2606:4700::6813:ac6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:ac6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc651ff3f423-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B071
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1d2a7497-ced4-4858-8aa9-dd40c5227c08

43 B
766 B

114ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1d2a7497-ced4-4858-8aa9-dd40c5227c08
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1d2a7497-ced4-4858-8aa9-dd40c5227c08
date: Wed, 05 Oct 2022 02:41:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame B071
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=450949e0-01ce-4525-9ca6-0d0fd1816f28
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=450949e0-01ce-4525-9ca6-0d0fd1816f28
https://x.bidswitch.net/sync?dsp_id=4&user_id=e845684e-8f30-48dd-aaa4-339978e3c888&ssp=index&expires=30&user_group=5&bsw_param=450949e0-01ce-4525-9ca6-0d0fd1816f28
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=450949e0-01ce-4525-9ca6-0d0fd1816f28

43 B
766 B

42ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=450949e0-01ce-4525-9ca6-0d0fd1816f28
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=450949e0-01ce-4525-9ca6-0d0fd1816f28
Date: Wed, 05 Oct 2022 02:41:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B071
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b8I3xk061OFUlF5

43 B
766 B

64ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b8I3xk061OFUlF5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b8I3xk061OFUlF5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B071
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922043984349

43 B
766 B

106ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922043984349
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922043984349
Date: Wed, 05 Oct 2022 02:41:27 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B071
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6115277519388051971&expiration=1666121649

43 B
766 B

118ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6115277519388051971&expiration=1666121649
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6115277519388051971&expiration=1666121649
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame B071 43 B
433 B 162ms
41ms Image
image/gif 54.194.213.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.213.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-213-220.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 05 Oct 2022 02:41:27 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame B071 43 B
94 B 176ms
174ms Image
image/gif 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=Yzzu1aYT47lQJRjfv-JKywAAFDkAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7552cc64c80971db-LHR
content-length: 43
content-type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BB74 0
39 B 35ms
34ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78760648&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:41:26 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BD6D 31 KB
10 KB 42ms
42ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:41:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68465
Connection: keep-alive
Content-Length: 9421
Expires: Wed, 05 Oct 2022 21:42:32 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1A7A 31 KB
10 KB 44ms
42ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:41:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68465
Connection: keep-alive
Content-Length: 9421
Expires: Wed, 05 Oct 2022 21:42:32 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 873C 31 KB
10 KB 41ms
41ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:41:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68465
Connection: keep-alive
Content-Length: 9421
Expires: Wed, 05 Oct 2022 21:42:32 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5A2C 31 KB
10 KB 41ms
41ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:41:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68465
Connection: keep-alive
Content-Length: 9421
Expires: Wed, 05 Oct 2022 21:42:32 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9B0C 31 KB
10 KB 41ms
41ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:41:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68465
Connection: keep-alive
Content-Length: 9421
Expires: Wed, 05 Oct 2022 21:42:32 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame BD6D 284 B
536 B 208ms
45ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1A7A 284 B
536 B 199ms
43ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 873C 284 B
536 B 198ms
46ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5A2C 284 B
536 B 194ms
46ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 9B0C 284 B
536 B 190ms
48ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 1A7A 0
239 B 453ms
109ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: ace9692b4e77bdf741ff63add80edaca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
subject.com.ua/	1969-12-31 23:59:59	Name: Value: store.test
.subject.com.ua/	1970-01-20 16:04:57	Name: _ga Value: GA1.3.289627364.1664937684
.subject.com.ua/	1970-01-20 06:30:24	Name: _gid Value: GA1.3.873588498.1664937684
.subject.com.ua/	1970-01-20 06:28:57	Name: _gat_gtag_UA_1099121_7 Value: 1
subject.com.ua/	1970-01-20 07:12:09	Name: _pbjs_userid_consent_data Value: 6683316680106290
.subject.com.ua/	1970-01-20 15:14:33	Name: _sharedID Value: 8d98401d-3378-4d3c-9f6a-e736a9b9486b
.subject.com.ua/	1970-01-20 06:28:57	Name: _gat_gtag_UA_113932176_40 Value: 1
.adnxs.com/	1970-01-20 08:38:33	Name: uuid2 Value: 4528753815651806677
.quantumdex.io/	1970-01-20 06:43:21	Name: uid Value: 09d1151f-e897-453f-b80d-c1a1a7016047
.doubleclick.net/	1970-01-20 15:50:33	Name: IDE Value: AHWqTUmwRJoq7oDeudCqxracchWynzwA_Kno8G00myqog5QR8_FnCeEK1A9AgMNcxg0
.adnxs.com/	1970-01-20 08:38:33	Name: icu Value: ChgIjfJbEAoYAiACKAIw1N3zmQY4AkACSAIQ1N3zmQYYAQ..
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: iMrbg_yiwRI
.youtube.com/	1970-01-20 10:48:09	Name: VISITOR_INFO1_LIVE Value: Ro4KgxiiB5Y
subject.com.ua/	1970-01-20 06:39:02	Name: __oaue Value: true
.subject.com.ua/	1970-01-20 15:50:33	Name: __gads Value: ID=d09b4aacdb19ed76:T=1664937683:S=ALNI_MbyM6Y3kSJ8QFI3xEboAweijWtiLQ
.doubleclick.net/	1970-01-20 06:29:01	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 08:38:33	Name: CMPS Value: 5177
.casalemedia.com/	1970-01-20 08:38:33	Name: CMPRO Value: 5177
.adnxs.com/	1970-01-20 08:38:33	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU#u`h[q!]tbPl1M>e)ZlrFUfJ+tGXxouXB/e)]1i?)?q/<.S4Z2[?8PY8X^X-nX7gL%3If)y3KL9D3I?+1H(+*5
.casalemedia.com/	1970-01-20 15:14:33	Name: CMID Value: Yzzu1aYT47lQJRjfv.JKywAA
.adform.net/	1970-01-20 07:13:36	Name: C Value: 1
.adform.net/	1970-01-20 07:54:56	Name: uid Value: 6115277519388051971
sync.srv.stackadapt.com/	1970-01-20 15:14:33	Name: sa-user-id Value: s%3A0-dc2cac00-501a-48fe-5a79-702dc274d8fe.T%2FXQ13kX42Icpdncfkf1oxg1IQEVqPtDgrSoJaIQY6A
.srv.stackadapt.com/	1970-01-20 15:14:33	Name: sa-user-id-v2 Value: s%3A3CysAFAaSP5aeXAtwnTY_tmKxGo.eQNnYzQlhZy223scz4OnpKAzzrDMisipg9k%2F6v0NUVU
.id5-sync.com/	1970-01-20 06:28:57	Name: cf Value:
.id5-sync.com/	1970-01-20 06:28:57	Name: cip Value:
.id5-sync.com/	1970-01-20 06:28:57	Name: cnac Value:
.id5-sync.com/	1970-01-20 06:28:57	Name: car Value:
.id5-sync.com/	1970-01-20 06:28:57	Name: gdpr Value:
.id5-sync.com/	1970-01-20 06:28:57	Name: callback Value:
subject.com.ua/	1970-01-20 15:14:33	Name: unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-05T02%3A41%3A27%22%7D
a-prebid.vidoomy.com/	1970-01-20 08:38:33	Name: SSCookie Value: 1
.yahoo.com/	1970-01-20 15:14:55	Name: A3 Value: d=AQABBNfuPGMCEIT9zoQwIw6CC-J6ZKLVvwcFEgEBAQFAPmNGYwAAAAAA_eMAAA&S=AQAAAmNfg6ln3K30HRfHpTRwEcw
.betweendigital.com/	1970-01-20 15:14:33	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 15:14:33	Name: ss Value: 1
.adxpremium.services/	1970-01-20 08:38:33	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiNjExNTI3NzUxOTM4ODA1MTk3MSIsImV4cGlyZXMiOiIyMDIyLTEwLTE5VDA0OjQxOjI3LjU4NzE4MTc1MSswMjowMCJ9fSwiYmRheSI6IjIwMjItMTAtMDVUMDQ6NDE6MjcuNTg3MTcxNDUyKzAyOjAwIn0=
.betweendigital.com/	1970-01-20 15:14:33	Name: tuuid Value: e2d0fd9c-1488-5216-84b0-b172e78c5fa5
.bidswitch.net/	1970-01-20 15:14:33	Name: tuuid Value: 450949e0-01ce-4525-9ca6-0d0fd1816f28
.bidswitch.net/	1970-01-20 15:14:33	Name: c Value: 1664937687
.bidswitch.net/	1970-01-20 15:14:33	Name: tuuid_lu Value: 1664937687
.media.net/	1970-01-20 15:14:33	Name: data-pbs Value: setstatuscode~~1
.betweendigital.com/	1970-01-20 15:14:33	Name: ut Value: Yzzu1wAKkwiNWGg0b5RV7f7HDIDJPXMfwnv47g==
.ads.pubmatic.com/	1970-01-20 06:30:24	Name: KCCH Value: YES
.vidoomy.com/	1970-01-20 08:38:33	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGYiOnsidWlkIjoiNjExNTI3NzUxOTM4ODA1MTk3MSIsImV4cGlyZXMiOiIyMDIyLTEwLTE5VDAyOjQxOjI3LjU4NTQ3NDczMVoifSwiYWRueHMiOnsidWlkIjoiNDUyODc1MzgxNTY1MTgwNjY3NyIsImV4cGlyZXMiOiIyMDIyLTEwLTE5VDAyOjQxOjI3LjQ2ODkzNDMzM1oifSwidmVyaXpvbm1lZGlhIjp7InVpZCI6InktT0tqNmhhbEUydUZrdnc2bktpbkpHX25ZeTFQV2pmeDJMbTQ4NElFLX5BIiwiZXhwaXJlcyI6IjIwMjItMTAtMTlUMDI6NDE6MjcuNzkyMDk3NjIyWiJ9fSwiYmRheSI6IjIwMjItMTAtMDVUMDI6NDE6MjcuNDY4OTI5NjkxWiJ9
.analytics.yahoo.com/	1970-01-20 15:14:33	Name: IDSYNC Value: "192w~27je:175w~27je"
.simpli.fi/	1970-01-20 15:16:00	Name: suid Value: D397A0B8CA5D4AA2B4FB91211282FE57
.admixer.net/	1970-01-20 08:38:33	Name: am-uid Value: 6537b1b789914cb1a30239d546f133e8
.quantserve.com/	1970-01-20 08:38:33	Name: d Value: EH0BDQGhJ7jvsQA
.quantserve.com/	1970-01-20 15:59:12	Name: mc Value: 633ceed7-e18f6-16605-445fe
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjIwMba0MDE2sRTiM9StdE1MMSozDDI1LzQCAG9Xke0lAAAA
.rfihub.com/	1970-01-20 15:50:33	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjIwMba0MDE2sRTiM9StdE1MMSozDDI1LzQCAG9Xke0lAAAA
.rfihub.com/	1970-01-20 15:50:33	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmZiaWxuZmFuaWwEAP-EMsgQAAAA
.brand-display.com/	1970-01-20 16:04:57	Name: _knxq_ Value: 89c6958b-99c8-27eb-51aa5196.1664937687.0.1664937687.1664937687
.turn.com/	1970-01-20 10:48:09	Name: uid Value: 7584699530453677509
.subject.com.ua/	1970-01-20 15:50:33	Name: cto_bundle Value: RUfiMV9GaUlKZUE1V004TEU5azJ4NVJDeTZuSlNXZW1oaDBiVVBFRHA2RkFCcWRjWEx2OWglMkJWcDg1anlPRERGUzBDWGk0Z1lLb0JBSW9DUkFkaVNwbzhkWldxN2l3WGdXREZ1NSUyRmFMOGwyWklYR3huclo5SFZFQTE5NnRuZkdYMTN6U20
.subject.com.ua/	1970-01-20 15:50:33	Name: cto_bidid Value: Qf6Z5F91ZjY0dDNZaHNNTEUlMkJJc2FRaVNpeTJFaWYwTzZXQUx0MmY5ZW1iQmI3bU9vaTFGZ0NCdnFjOUFDVEYyZjh4RW1jbzRTclVCUXl0aWNTSU9JSUlOaExnJTNEJTNE
.w55c.net/	1970-01-20 07:12:09	Name: matchcasale Value: 5
.w55c.net/	1970-01-20 15:59:12	Name: wfivefivec Value: b8I3xk061OFUlF5
.disqus.com/	1970-01-20 15:14:33	Name: zeta-ssp-user-id Value: ua-8239280a-baf0-3ddd-9868-061919464cac
.vidoomy.com/	1970-01-20 15:14:33	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjQ1MDk0OWUwLTAxY2UtNDUyNS05Y2E2LTBkMGZkMTgxNmYyOCIsImV4cGlyZXMiOjE2Njc1Mjk2ODh9fX0=
.lijit.com/	1970-01-20 15:14:33	Name: _ljtrtb_279534 Value: ua-8239280a-baf0-3ddd-9868-061919464cac
.lijit.com/	1970-01-20 15:14:33	Name: ljt_reader Value: FbYhuRZHVgr8OSm2Q3OMubQ5
.creative-serving.com/	1970-01-20 15:50:33	Name: tuuid Value: e845684e-8f30-48dd-aaa4-339978e3c888
.creative-serving.com/	1970-01-20 15:50:33	Name: c Value: 1664937688
.creative-serving.com/	1970-01-20 15:50:33	Name: tuuid_lu Value: 1664937688
.mathtag.com/	1970-01-20 15:54:52	Name: uuid Value: 2c2d633c-eed7-4500-a154-8b1bfe39030f
.amazon-adsystem.com/	1970-01-20 16:04:57	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 12:56:19	Name: ad-id Value: A31ktABMxkGMn0N8ZqqNXsY
.casalemedia.com/	1970-01-20 08:38:33	Name: CMTS Value: 1165
.lijit.com/	1970-01-20 15:14:33	Name: ljtrtb Value: eJyrVjIytzQ1NlGyUipN1LUwMrY0sjBI1E1KTDPQNU5JSdG1tDCz0DUwM7Q0tDQxM0lOTFaqBQBRwQ0X
.go.sonobi.com/	1970-01-20 07:12:09	Name: __uis Value: e234028c-d462-45d5-9193-e9108400b814
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s86157\|Yzzvz

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9148d1051edf9f0e7dddcc6bc171d715.safeframe.googlesyndication.com
a-prebid.vidoomy.com
a.svtrd.com
a.vdo.ai
a.vidoomy.com
acdn.adnxs.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
analytics.vdo.ai
ap.lijit.com
api.eu.dev2pub.com
b1sync.zemanta.com
bidder.criteo.com
c1.adform.net
casale-match.dotomi.com
cdn.admixer.net
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
clients1.google.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.optad360.io
cs.emxdgt.com
cse.google.com
csync.loopme.me
d.adroll.com
d.vidoomy.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h5.vdo.ai
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
onetag-sys.com
optad360.mgr.consensu.org
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
rtb.adxpremium.services
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssp.disqus.com
ssp.wp.pl
ssum-sec.casalemedia.com
stat.optad360.mgr.consensu.org
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
subject.com.ua
sync-tm.everesttech.net
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
sync.quantumdex.io
sync.srv.stackadapt.com
sync.teads.tv
tag.eu.dev2pub.com
targeting.vdo.ai
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
104.18.19.126
104.96.145.246
108.138.7.31
141.95.33.111
142.250.180.194
142.250.186.34
146.0.227.109
147.75.85.234
148.251.121.152
15.197.193.217
151.101.1.108
151.101.2.49
178.250.0.157
178.250.2.131
18.158.8.202
18.194.202.243
18.196.233.38
185.184.8.90
185.29.132.245
185.80.39.216
188.42.196.115
193.0.160.129
198.47.127.19
198.47.127.22
2.18.168.202
20.127.253.7
2001:678:cb4:bbbb::11
212.77.98.32
212.77.99.29
213.19.147.44
216.52.2.30
23.205.235.133
23.35.228.23
23.35.237.56
2600:1f18:1aca:4280:e955:3e30:9d62:70ae
2600:9000:206f:bc00:11:a4de:2580:93a1
2600:9000:20d9:8800:6:b871:4f00:93a1
2600:9000:211a:dc00:1b:5138:8a40:93a1
2600:9000:214f:6800:8:48e:53c0:93a1
2606:4700:10::ac43:2ac9
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6813:ac6c
2606:4700:e0::ac40:6903
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:400d:805::2001
2a00:1450:400d:806::2003
2a00:1450:400d:806::200a
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2008
2a00:1450:400d:80e::2003
2a00:1450:400d:80e::2006
2a00:1450:4025:401::9c
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:12::1400
2a03:90c0:e1:2801::254
2a05:d018:d29:3605:c283:2fe6:5625:9484
3.122.40.23
3.122.84.171
3.123.174.3
3.126.56.137
3.231.251.159
31.131.26.2
34.111.151.213
34.227.131.62
34.91.62.186
34.95.81.168
37.157.4.23
37.157.4.29
37.252.172.249
37.252.173.215
51.79.20.94
51.89.9.252
51.91.60.38
52.213.169.38
52.29.139.35
52.46.130.91
52.49.50.17
54.194.213.220
54.39.16.115
64.202.112.191
66.155.71.150
69.166.1.12
69.173.144.139
72.251.241.204
8.43.72.97
99.86.4.86
006e093146b2a93473d6c1d45c76a0dfefeb2f463e2fbfc3a49aeee235a5ada8
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0423f9d17a56d47131c117695da8d5a6c2802e7d0cccc6aa2035d9fbe28a1abc
06a3890dbee2a2b554232acc9c16075307e15f0ff8f4c11a2ddcc61ba5974802
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c355920560e593a5397c27c1ec924d4ba5441b36704fdbde859ee233724b92c
0c836b8d2d72a0e242dfb57e9f67303f8bab4807342eb3e8ad046d1c0315c45d
0e9f3d807edf01ce38b445a2264b4567c5679f0a4370b2a2646590b886e5a34d
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37
13ac3d0e38dd3eb2bfad5dddd06c055d25d0501e8174fb83a564b46f9bf90ff7
14033d31fcb3a4846ce5dcffacb72f2683dd15c0d756664ba11850b0f4836087
16fd8a3e4afcd021a85b3eed39be5f0f8fd1cfd925e8b49f0c8d1cc658027771
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19007501fee69cec78574e1ffd3a289177a443aac1426382ddf0f2f6f91186a3
196fb32aec8fe4a71ae7fcfa3d9914583c69fce25c81d0d5ef58f52f006b403c
1b3880b4d7a8f4a2bc3824f8eaa69c4a65ee91d9010e2a3f925f5f28fb76b0f6
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
20ef7a75fad6a9f2c45225d92dfaee742bdbe39e8aaf06243afd295acaee1ce1
221a98ed72ece7f8b065aa3ea3aec742fe1445d6f56befdaf75f9c5077ff45b4
24ece61e45e94bcb16969dc25b12dd94cc0c4ef9a968bd524b36d1388141cb4a
25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391
26be7aa25eb5523b05ac27e615580710326f526e3033e79b9026bbdc83aba847
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
284429ccdc89fd7a58c118e3a020b14fb1043aef938875036adf5026f5b406c9
29eff119b8ef64781433bec315830452c69b02d45344afddee35723ee408e0c7
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b14b918bb31b4672d92b0287ed00c91c74e5d315759da2deb6028b0b4e9f909
2bf517104f255123ba18c57e1de2f672c0271712d716ff844a26ea8162453b45
2d8e0edea595e2700bee10712435e3d827a0cd8aff499d1a20adcb701adcfde7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fec7035d8913f1ecd6bd722d1e68a6813913c8f85782c6c8a54ab4338f617eb
30dc5454f49bd559b31d8c371c030336189637d4de7eea29d60c1fe37d7d027e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
33797c8ad76837a6437df8b58d028881706fe1d5a851880c24dca125a35ccd04
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3b9c14bb7c8911ce2d5f61b2909ced8fa5b7801396b72265551b57d0485cdb1c
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
432c4035e3fbb96b4dc65ee483f2a9ea75a8ce99b09a51da0e2fdfbeb095aa3d
46b759ba547d4f5f9b135f5f1e004b31472f962d3cc3293641e00a7e06c61dcc
47aab53d4ee677eddd63804129b8f0b19ad570bdf4e5666dca28688572c9473f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
492ea1a1ee966f124ff703a08ca85a2ce9f53da93baf77e1db6b0938633c80d4
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5bdc8b09debc3ea3e777a7ea40f27569cc293a737084a9633917a37b4f09f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d61b06a23d14629f85852c804e2a7c55000054e521a98de3ea463f3d4245145
4fbad1c338dff8857c1df524f5d2bf5220339197ae3c67e40b5d9dce6288e34a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5073a2af4e54a5446f976ec70c965f7268502d087441aec6e50939cd05cec2d2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ee60c8817ff8d412e5d2b54e4b3a530d4766201798bf7d8d13ad64fe2c154c
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
57b3c7f9b070c3fc5c4ab2aab3867a92c523b3185d9eeb53f54a6b5f64933853
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c79cd290399a7bd1e8c5b648fa05415697a5926812095edefc6cadd64049dd2
5fde3097a59907bb2a70cc7ef0d01c194c3c249467e733e67ecb2506a9b2fbef
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f3dd341cbb2c53a94d5eee10dcb6498a4a88fb0b1289b79a14c688bf7c8058
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67ab35aae4ea24489827fde4b437092f8b7f73ad8710e51a130992f4bb6fc742
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
68bb402c953aa7f8c538b43aeb880d533b34c8fab5b07c4d60a697d0f96a0aa4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0d16a94cbec083874fbef45c6f6cf7bd1f442114dbce789a152809b7c9f0b6
6e7e5b6cfd624b3cc2615ac5dd3d3765596070a5f69b331f96dd62c31a75cb0c
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
707c74e779762b2e450b6959ae22c2c6b0b26079fffe308b6427dcf8347506f2
70cd062b30336435058a6007dc319563270279d287e78143c963f66baf34728b
712c01bba60a56faafa661222202998100baacaa17ff25cfbf7b05266549e1ba
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d
738df72872e3ed1d49b341eea918207efa339548a71f5a1e086eb1ee2d346fa6
769a1db862b8969c684d69059a131755fdc3ced724534e3c1c1f90d670a7dd8f
773cc6770aff186c7b9f766d128a51a138acc3700723cc57779272fbceeba337
7871ac93634e56ecbe32dfd0cbd031981277a78b462596fed71c4ebe22c39b65
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7c5105350b5a4112268bcbccde977fb1e344aec1254777febe8eafe085358898
7c8d2cc221904ee2917b4817f523ad33e2113e14b7fb35251f0f01881c1b4f1e
7c9ff5bbd67f7d7e26bbd89bb4426493d4f6e7b8342570860a15f5640aedf78b
7cbe879424f30b22910997d88ae388629c55db06f0492e9a0cac747c4989993c
7f202a0758ec77276e348cf9307981e2909c68070a19d55a9b0af710488f3b02
8138dc9074bea1339cfb184e2e8ad474f0caa16edf1be57d33d675b040ad3a03
81f0f0136144a585f335f42c8a6ee2d1adcc69c4df8205fc2f8b409f407aeb84
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
860a918cf8f248e936c6a50f30f8c7a58aa92393f054e00e35fb18e5cd5c43db
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
86e7e209a0c04fa610726b9815749c659c97169d47cb2f315fd8c3c7b049d6b3
88cbe3d9a35ac45111b54a53efeb8dfddbb8001d8fa72b708f9bc54250c0b8b9
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03
8fe004dcdfbf15beef99e806addd0edacc1addf8348d633d5a5e3452b2fa3db1
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
9180ad871ed5efd85e07dd24de1cf7d233d0a20404a7585f90adbea4ac90e067
929275af47fe4f99fa9390db7e8b29f4fe69394bdb77d078ebfa40c1dc931395
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a5319736aa3e6e8df84e251f1581b324dc38b11544d4fdf6bcbd0190323f7e4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9cc6f6eef6a5856aeb3a6bd1e3e5d46c4c08e50d749d8c044f120f10bc2d63cd
9ec872d58a5c69122782bdc67523a5483d766169686b83bed86a73d36691ae5b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10b84323b0c18b94cdd8947b85ee672a81332c8861f4bf84b7daa4eddd6afda
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a422bcab9f89579f7f2524f7fc2655f869c2a656c24a63f5541eee2c0e3642d4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ea150b55953103a44a0f723c971706b067dc025841534a7000c4a33daa9f9a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a89c532f294a91ddb4bd97fa91878aea5061b02856fba5e297cdb60f29932cbd
a9df1b0abb56a7118f7dd6b8954c23337cfecff5c75b3ba01d119eddcc26c0b1
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad92025d166008673342cb0e3de44cef9ddd11e78ecd1c8d79380513d55f7993
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14ab80413d386353e8bccb8a68bea36a0178a719cebfa225467c2c6900efcad
b28ed0d85790996c5ba8b672133fdd131e72085d657da84842aaedfa049aa7aa
b357ec50a804d53379e372d5ccdc3243ddd95fe0fb0b5aa30abdae6a8b28e0ba
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4beb8d67b5e70338802650c2f8c373afd1a6c29b1500c10c71ce0d1b431aaa7
b80917dd3c481cda5c3990647d97221b064bb9ccb635751cccd163e9e28a3622
b92142f24194405c3e59a17c84dad567c994bfe3e94483ae65a0aa1e25c5a902
bbdcb7c7165013bf5260e2d3892d69cb0e17fb33b957ee32d6e2394882d4ce78
bbe421e7d12d9a409cdf4d91c55b98a3edcda4da045998b0f2475a11b9f0494e
bcc894a7f9bde3bf4ba239b027c0f4b9f9b017488a7fe5bdf2e970e424286387
c132e5244480db3c735c5baa3cac21a8f2ffc1b6c8aa787400c9e3ef0fe069ff
c138289957b80cb663a620eff0a1604be0142d84f1598f28f81a23b8af28b8c5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c47c42f581619e9a58e10903a1e2a3c56ffd7b9ab7400dd26d6e91db947f9808
c6baee42c5aa3adf24b0764c1c06487b77056f10859e8f3f9d4c1c3c1b2201d8
c7d5b86cd2b2314c020e84452aef69bd46e1d01962faa13c441e9d20b05a25f6
cacb6a524cd599dacba314d7b1ce4744d6e2c986f274efa4eb18aa5b61470c4a
cb268e5adfa18f26a50e2e25788834aff3731ed125eeecb96e781ba3709bb601
ccebfd0fa35dbfb74ebcd21e96b9a6e525798f7720bb2d1bd8671fc081faec92
cf937f22bb4c5f8e827a344e6726fa957c379738a0e9f4d5d35406ebb35d0143
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10da2752f8a94bb44f51f1ccf6442d3cf6bda00df3581a6100dc1f56b3b4ff3
d283ab57d5ac79dd34909ecc3b74e95c2e5b67285b242068dbbf01c0f3ac3c3a
d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3
d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f
d9bc143dda31236ac3692e492fcfcc0c17bcc404b4d0e3dc13e9fd651ff54780
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deba48eda09297e99d5d687cbd1243855c92ee09312fed2f1fcdade98c405afd
e2d242000996f6ecc514044ab6113f45b937dcaf9a0a3ba937de5733215205fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e42a8e70d930c8aca22ff9588526f79001a7fc7d51e60d1a35d9d03441898db7
e5f03f9af37d53ef15548f31b74f9d5c31eae4af35a3263cdf53857cf42ef7e6
e86026a4cb833e0adde6f026d92b50038bf8b2c6df67cca005c9332cc957ffa9
eae690d8367bd052f4fa2ef806860ae57d4f89a57bb428c8ec64ba666ceec35d
eb94b04c35909768cedc613bb533b6f586b2123ae60ab9b5ba46acefeb8d2565
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed0bb82541de0bfb41e185eae9ceb5703826ad1fe9636d76c2623e30a26088f7
ed9058394445ee5619b3237e6f6ef2d595be99b2dd1bbf3469792177fb7cae57
eece307c25b22215ad5d34f5701eefdd568077f17da452d380488e9166aec71e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
f2985ff1aa24da33cb50632ba0daed5632c90cd761f6a53c56084988c4ae4cc2
f3fe45ab68cefddfbc58b9834d58616a7f890fe18e5ea170a8c626de0048e4d9
f48cb3b87eb20bd424c98e36cf7b228f52239e5b9265ecf20b4f8598407af88d
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f74114663d3b5268786c812d57e7e9450dd4ebeb7eac1c7d67e6d41278cde75d
fa792b4617092f363ec1236478517c4ddb8cb753942313ed5ea00ccc9f036756
ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9
ffa4eda4e99cbcda33a01691c9fcb8d9648fc36069cf123a2e212b2d6e80e2f4
ffb5c13ef184596e73060f92a5ac9003fc85f0209ccacc93068f3af0884eb0f8

subject.com.ua Open in urlscan Pro 31.131.26.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

471 Requests

85 %HTTPS

38 %IPv6

72 Domains

113 Subdomains

79 IPs

16 Countries

7078 kBTransfer

15049 kBSize

72 Cookies

14 Outgoing links

Page URL History

Redirected requests

471 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

subject.com.ua Open in urlscan Pro
31.131.26.2 Public Scan

Screenshot
Live screenshot

Full Image

471
Requests

85 %
HTTPS

38 %
IPv6

72
Domains

113
Subdomains

79
IPs

16
Countries

7078 kB
Transfer

15049 kB
Size

72
Cookies

471 HTTP transactions
6 data transactions