urlscan.io logo urlscan.io
SecurityTrails logo

hyser.ua Open in urlscan Pro
2606:4700:3034::6815:5f33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hyser.ua/
Effective URL: https://hyser.ua/
Submission: On June 11 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 8 countries across 36 domains to perform 116 HTTP transactions. The main IP is 2606:4700:3034::6815:5f33, located in United States and belongs to CLOUDFLARENET, US. The main domain is hyser.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2022. Valid for: 3 months.
This is the only time hyser.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 27 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 193.239.68.97 39468 (BIGMIR-IN...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.152.64.17 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
1 6 142.250.184.194 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 37.157.4.25 198622 (ADFORM)
3 185.33.221.53 29990 (ASN-APPNEX)
8 2602:803:c003... 26667 (RUBICONPR...)
1 178.250.0.165 44788 (ASN-CRITE...)
1 2 54.38.197.123 16276 (OVH)
1 52.29.145.136 16509 (AMAZON-02)
1 209.205.197.154 55081 (24SHELLS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 1 23.88.75.186 ()
1 7 23.227.139.243 ()
2 23.205.235.133 ()
1 23.35.236.188 ()
1 2a06:8640:852... ()
1 13.248.245.213 ()
2 2 52.210.88.151 ()
1 35.227.252.103 ()
5 5 69.173.144.165 ()
1 2620:1ec:21::14 ()
1 1 2a05:d018:d29... ()
1 2 69.173.144.139 ()
2 3 52.94.223.37 ()
1 35.71.131.137 ()
1 2a00:1288:80:... ()
1 35.244.174.68 ()
2 3 37.157.4.23 ()
3 2600:9000:21f... ()
1 13 3.66.201.109 ()
1 1 194.213.62.37 ()
2 2 23.35.236.247 ()
2 2 185.29.132.241 ()
1 1 178.250.0.163 ()
2 2 3.124.13.195 ()
116 44
27    2606:4700:3034::6815:5f33 (United States)

ASN13335 (CLOUDFLARENET, US)
hyser.ua
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
s.getstat.net
1    2606:4700:3030::ac43:a0b5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.getpush.net
3    2606:4700:3031::ac43:b689 (United States)

ASN13335 (CLOUDFLARENET, US)
aixcdn.com
c.aixcdn.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    185.152.64.17 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-152-64-17.datapacket.com
cdn-b.notsy.io
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
3    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
8    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
1    52.29.145.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-145-136.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    209.205.197.154 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b6021225a189dcce610e14e44d0abf75.safeframe.googlesyndication.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    23.88.75.186 (None, )

ASN- ()
csync.loopme.me
7    23.227.139.243 (None, )

ASN- ()
sync.adtelligent.com
sync.console.adtarget.com.tr
2    23.205.235.133 (None, )

ASN- ()
eus.rubiconproject.com
1    23.35.236.188 (None, )

ASN- ()
acdn.adnxs.com
1    2a06:8640:852:0:ec4:7aff:fe91:19a (None, )

ASN- ()
s.console.adtarget.com.tr
1    13.248.245.213 (None, )

ASN- ()
eb2.3lift.com
2    52.210.88.151 (None, )

ASN- ()
ad.360yield.com
1    35.227.252.103 (None, )

ASN- ()
rtb.openx.net
5    69.173.144.165 (None, )

ASN- ()
token.rubiconproject.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
1    2a05:d018:d29:3601:6b06:26e1:4300:34b (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    69.173.144.139 (None, )

ASN- ()
pixel.rubiconproject.com
3    52.94.223.37 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    35.71.131.137 (None, )

ASN- ()
match.adsrvr.org
1    2a00:1288:80:807::2 (None, )

ASN- ()
ads.yahoo.com
1    35.244.174.68 (None, )

ASN- ()
id.rlcdn.com
3    37.157.4.23 (None, )

ASN- ()
cm.adform.net
track.adform.net
3    2600:9000:21f3:8400:f:4f64:8940:93a1 (None, )

ASN- ()
js.adscale.de
13    3.66.201.109 (None, )

ASN- ()
ih.adscale.de
1    194.213.62.37 (None, )

ASN- ()
bbnaut.ibillboard.com
2    23.35.236.247 (None, )

ASN- ()
ssum.casalemedia.com
2    185.29.132.241 (None, )

ASN- ()
sync.mathtag.com
1    178.250.0.163 (None, )

ASN- ()
dis.criteo.com
2    3.124.13.195 (None, )

ASN- ()
tracking.m6r.eu
tracking-a.dsp.m6r.eu
Apex Domain
Subdomains		 Transfer
27 hyser.ua
hyser.ua
543 KB
17 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 494
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
21 KB
16 adscale.de
js.adscale.de
ih.adscale.de
16 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
b6021225a189dcce610e14e44d0abf75.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 146
40 KB
7 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 104
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net
229 KB
5 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr
3 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 728
gum.criteo.com — Cisco Umbrella Rank: 381
mug.criteo.com — Cisco Umbrella Rank: 2914
dis.criteo.com
8 KB
4 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6467
sync.adtelligent.com
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 231
acdn.adnxs.com
43 KB
4 adform.net
adx.adform.net — Cisco Umbrella Rank: 4115
cm.adform.net
track.adform.net
2 KB
4 getstat.net
s.getstat.net — Cisco Umbrella Rank: 409434
9 KB
3 amazon-adsystem.com
aax-eu.amazon-adsystem.com
2 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 4
adservice.google.com — Cisco Umbrella Rank: 82
2 KB
3 notsy.io
cdn-b.notsy.io — Cisco Umbrella Rank: 89463
170 KB
3 aixcdn.com
aixcdn.com — Cisco Umbrella Rank: 404858
c.aixcdn.com — Cisco Umbrella Rank: 454139
10 KB
2 m6r.eu
tracking.m6r.eu
tracking-a.dsp.m6r.eu
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 casalemedia.com
ssum.casalemedia.com
2 KB
2 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
1 KB
2 360yield.com
ad.360yield.com
690 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 613
57 KB
2 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2980
adservice.google.co.uk — Cisco Umbrella Rank: 4822
1 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 590
eb2.3lift.com
642 B
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 7058
683 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 47
20 KB
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 rlcdn.com
id.rlcdn.com
1 adsrvr.org
match.adsrvr.org
265 B
1 linkedin.com
px.ads.linkedin.com
708 B
1 openx.net
rtb.openx.net
350 B
1 loopme.me
csync.loopme.me
207 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 434
2 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 172
28 KB
1 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 138549
421 B
1 getpush.net
cdn.getpush.net — Cisco Umbrella Rank: 151136
18 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 80
39 KB
116 36
Domain Requested by
27 hyser.ua 1 redirects hyser.ua
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
8 fastlane.rubiconproject.com cdn-b.notsy.io
5 token.rubiconproject.com 5 redirects
4 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
js.adscale.de
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 s.getstat.net hyser.ua
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 aax-eu.amazon-adsystem.com 2 redirects
3 cm.g.doubleclick.net 1 redirects
3 sync.adtelligent.com cdn-b.notsy.io
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 ib.adnxs.com cdn-b.notsy.io
acdn.adnxs.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 cdn-b.notsy.io aixcdn.com
cdn-b.notsy.io
2 track.adform.net 2 redirects
2 sync.mathtag.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 pixel.rubiconproject.com 1 redirects
2 ad.360yield.com 2 redirects
2 eus.rubiconproject.com cdn-b.notsy.io
eus.rubiconproject.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net cdn-b.notsy.io
static.criteo.net
2 www.google.com hyser.ua
tpc.googlesyndication.com
2 a4p.adpartner.pro 1 redirects cdn-b.notsy.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 aixcdn.com hyser.ua
aixcdn.com
1 tracking-a.dsp.m6r.eu 1 redirects
1 tracking.m6r.eu 1 redirects
1 dis.criteo.com 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 cm.adform.net s.console.adtarget.com.tr
1 id.rlcdn.com
1 ads.yahoo.com
1 match.adsrvr.org
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com
1 rtb.openx.net
1 eb2.3lift.com cdn-b.notsy.io
1 s.console.adtarget.com.tr cdn-b.notsy.io
1 acdn.adnxs.com cdn-b.notsy.io
1 csync.loopme.me 1 redirects
1 mug.criteo.com
1 b6021225a189dcce610e14e44d0abf75.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.uk securepubads.g.doubleclick.net
1 c.aixcdn.com
1 www.google.co.uk hyser.ua
1 ghb.adtelligent.com cdn-b.notsy.io
1 tlx.3lift.com cdn-b.notsy.io
1 bidder.criteo.com cdn-b.notsy.io
1 adx.adform.net cdn-b.notsy.io
1 cdn.jsdelivr.net cdn-b.notsy.io
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagservices.com aixcdn.com
1 c.bigmir.net hyser.ua
1 cdn.getpush.net hyser.ua
1 www.googletagmanager.com hyser.ua
116 58

This site contains links to these domains. Also see Links.

Domain
t.me
glamur.hyser.ua
hyser.com.ua
Subject Issuer Validity Valid
hyser.ua
Cloudflare Inc ECC CA-3		 2022-05-31 -
2022-08-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
c.bigmir.net
R3		 2022-06-08 -
2022-09-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
cdn-b.notsy.io
R3		 2022-05-16 -
2022-08-14		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
adpartner.pro
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-06-06 -
2022-09-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-05-29 -
2022-08-27		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-05-28 -
2022-08-26		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2022-05-27 -
2022-08-25		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://hyser.ua/
Frame ID: 176E253B2A718C3E2333BA74D32B8F90
Requests: 73 HTTP requests in this frame

Frame: https://b6021225a189dcce610e14e44d0abf75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25B8FEBED0408D4B78791FB26BE7889D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hyser.ua
Frame ID: A778DBDC7EFE50640B2C421DD8B98562
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5D9FFD10452D39D7661A13D27700284F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FEA84962A5FB6A32BA52CCD1D980F478
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=01c91eb8-0c4c-4ec0-bcce-c3fbbf899af2
Frame ID: 88E32AA6707A896DCBC16E49113253DF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 580914D4C4FD4A0D2F2E9D3BAAF14EA4
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DE0BC324CEBF35E1A9721C85E166294F
Requests: 3 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 03DD7E290F6BC671679DBC6919138C06
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2041910529A7A75DA7DFC906F9404153
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: C1F3492E297CAAA85BFDF689D838C94F
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: F132E9019E42442254D1E53AF036D7A0
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 5C4F99B9F3DA96CFDFD3FD24129B51FF
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: AEDAC0C7C11D57DB6CB07FBF5613E808
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Последние актуальные новости Киева, Украины и мира. Hyser.ua

Page URL History Show full URLs

  1. http://hyser.ua/ HTTP 301
    https://hyser.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

116
Requests

84 %
HTTPS

45 %
IPv6

36
Domains

58
Subdomains

44
IPs

8
Countries

1260 kB
Transfer

3116 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hyser.ua/ HTTP 301
    https://hyser.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=hyser.ua&sn=ChromeSyncframe&so=0&topUrl=hyser.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=tAKzDXwrWnVjbDVUZGhqQ2gwYXJ2aGtHWS9lYU1ZWFhJLzgvY1h3K3JVUmFWbVRWaVExRHZBWWFFTWdGdXR6ZlM1U2tISlNBbUlYd3RKb2QydXprMGZqRjRwTFpNYmJXTERDL3ZRSGt4YlFGTTlLYlc0TjExd3A4OVp1TGpLV0tDUnhkZnUwdWViUmhoV0FReXpCVXdhaFR2MUlPRFhTSUdZMEgzRVRBYVJpMnlLZVIydUNWaGVaYW1MeFNEalE4VDc1MGRGdmJ5c2ZNTXRQd0JTN0g5SUJvMm05ZnQ0VWlpRVRuYTZMSm5vRGlyOTdMbjJ1ay9xajZTYTllTm9BaW9WZzlxcXhBN2dlaUR6c2tzMjBMeXM3RWhDZz09fA&cppv=2
Request Chain 73
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=01c91eb8-0c4c-4ec0-bcce-c3fbbf899af2
Request Chain 78
  • https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=%7Bgdpr_consent%7D&us_privacy=%7Bus_privacy%7D&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=434f4ca7-2d7c-46d9-a5f8-76319b01c0fc
Request Chain 79
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f1f74ade-0b80-47e6-9171-59df670ca516
Request Chain 83
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ5Q0QyUTAtMUstNlNCWQ==
Request Chain 84
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L49CD2Q0-1K-6SBY
Request Chain 85
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7QX0Z-xzM0X4EaWB7i-Tb8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7610548804802349528
Request Chain 86
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_6Az4askTUGx0P2tsvF3Wg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_6Az4askTUGx0P2tsvF3Wg
Request Chain 87
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNlZDUwMjQ5OGEzY2M5OWYyNGVjNTkzM2VhZTJjMGM4MjkyMmMyNg
Request Chain 89
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L49CD2Q0-1K-6SBY&sigv=1&esig=2~f1233849b980607d65d592c5095156ec55e21ffd
Request Chain 94
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=318342&extuid=ff79cdd0c1b8bd01
Request Chain 97
  • https://ih.adscale.de/uu?cbfn=receive&t=1654919540 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1654919540&nut&uu=15bb22f26d074a8387f22d2cda970399
Request Chain 103
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=15bb22f26d074a8387f22d2cda970399&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?tpid=101&tpuid=BBID-01-03296335414391759-16626744
Request Chain 104
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=18d58b9ef1690ef3ae05ed3f9d4f7f99e92b284a7eb334b6d2f191090963c3a6&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Fgdpr%3D0%26tpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fimg&gdpr=0&s=183592&tpid=63&uid=18d58b9ef1690ef3ae05ed3f9d4f7f99e92b284a7eb334b6d2f191090963c3a6&C=1 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YqQRdcy7G1lnyWfXvb5KHAAA%26296
Request Chain 106
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=f9379e7131ab4f11e6ec9fc9c3d3f6a4b94521503f2c9bdfd40eb513086f25b1&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=71d962a4-1175-4e00-9968-c555725fe15d&gdpr=0&gdpr_consent=
Request Chain 107
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c40f7f39bf12684d686f443190c5e92941d02198896e6314801ae4025b15192c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=c40f7f39bf12684d686f443190c5e92941d02198896e6314801ae4025b15192c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?tpid=42&gdpr=0&tpuid=6151762475443971495
Request Chain 108
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=6b70b51e5e4b8d752e15ceff6c68717fa27bd9fd3620fc219ca4a22a3d4a54de&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=336d0699-7973-488e-a7fa-fd59b383ba7a&gdpr=0
Request Chain 109
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=5caf944ad6e740d5fd073be91f0056e441bcd02313cb5e36d7eab5374749e0b1&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=71d962a4-1175-4e00-9968-c555725fe15d&gdpr=0&gdpr_consent=
Request Chain 110
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=f32b1ea4fe62f791c8b2031d5281731c2e59ec3b367c38354d2be11061c4e544&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?uid=f32b1ea4fe62f791c8b2031d5281731c2e59ec3b367c38354d2be11061c4e544&tpid=38&gdpr=0&tpuid=CAESEOGbQ-eI10W-7Yk2ybaUOyE&google_cver=1
Request Chain 111
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=50cb7cfb03626774cd6e5299f6505d30d08f0ff00e09603f38714f7a22a5c6db&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=50cb7cfb03626774cd6e5299f6505d30d08f0ff00e09603f38714f7a22a5c6db&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/js?tpid=48&tpuid=6a6cbcc512784b211fc887e43b2c4521

116 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hyser.ua/
Redirect Chain
  • http://hyser.ua/
  • https://hyser.ua/
192 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hyser.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f948747c57edbc6c51529946f6a5a86a7471d175aced8920f37eb882bb35f7a2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-h2-pushed
</fonts/icons.woff2?mpderz>,</fonts/PTSerif-Bold.woff2>,</fonts/Lato-Regular.woff2>,</fonts/Lato-Bold.woff2>
cf-ray
71976496efeb0e16-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 11 Jun 2022 03:52:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
</fonts/icons.woff2?mpderz>; rel=preload; as=font; crossorigin="anonymous",</fonts/PTSerif-Bold.woff2>; rel=preload; as=font; crossorigin="anonymous",</fonts/Lato-Regular.woff2>; rel=preload; as=font; crossorigin="anonymous",</fonts/Lato-Bold.woff2>; rel=preload; as=font; crossorigin="anonymous"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQncrbNyti3J2TaaptaxH14H02YgRM1HdfnDsQpjaGxca9ql7BGLjtDu%2FFBykdy%2F%2BqPPbWx9yt14Bobi1ebJMYGFfvwL5sdsztZ0XPSMKeD55mUFw6oLCiCAx%2Bu7li5EuU%2F07v5eJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status
HIT
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
719764959b3a83a3-MXP
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 11 Jun 2022 03:52:14 GMT
Expires
Sat, 11 Jun 2022 04:52:14 GMT
Location
https://hyser.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mlkMbVE3Z9lGIt%2BSGf8dKnqRrXktbald1IMJfE%2B4UVaywsbKL9sN8W3%2FXHXoUcrX8530ffDcyuXSsuNNupZCVVD8wkmDpPf%2BW1qGjysBG2pzxJ38GMTq5uRbu%2Fgb0H2db8ASK%2FjAA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icons.woff2
hyser.ua/fonts/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hyser.ua/fonts/icons.woff2?mpderz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8074d53bf18a06aa5618ded643481db00ec1c9b6a2ba394f550a8a8aeb0ecd4c

Request headers

Referer
https://hyser.ua/
Origin
https://hyser.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82352
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2136
pragma
public
last-modified
Fri, 12 Nov 2021 17:26:12 GMT
server
cloudflare
etag
"618ea3b4-858"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAgtTZULLCoAewGCs2j6FXf7o%2FnLD7RDFZcpWk0hBTN1YJaHQArOICqDTKotdNouVbV3OEpt3d7JFsObSaZNJgs6PxVar7KhjTA6cAb%2BfvlrKn6lPpkRi8Wukl52hY%2FLm2lTvEtv%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
71976497280c0e16-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
PTSerif-Bold.woff2
hyser.ua/fonts/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hyser.ua/fonts/PTSerif-Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c02889abfef54353507d98c9dafc3748cdd9971a25d03248032a183f9c80476d

Request headers

Referer
https://hyser.ua/
Origin
https://hyser.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11047491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48424
pragma
public
last-modified
Fri, 12 Nov 2021 17:26:12 GMT
server
cloudflare
etag
"618ea3b4-bd28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIPjL%2BX5Zd2urQB4jMLOjxUfZGCijDy9TU2vNiRTWLFg3iK4WZU5d6Lp4vMEd9prflvTTzHmPedPoLssCMkAEUU6Gsg97yZDtf2uJ6OUACqbhQkOVkHF7Mpkl6MXFY%2FvOCOJHS4sHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
71976497280d0e16-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
Lato-Regular.woff2
hyser.ua/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hyser.ua/fonts/Lato-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e55e331c84e7dd7daf6b6c11f5521fa0891c5403e9979d9e55fbd5fe4e09df7

Request headers

Referer
https://hyser.ua/
Origin
https://hyser.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16124114
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50288
pragma
public
last-modified
Fri, 12 Nov 2021 17:26:12 GMT
server
cloudflare
etag
"618ea3b4-c470"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xC6QY9vF3wCyzwpzztyMtOMgpodTF79kK94lXkx2qk%2FTsrvdMjvU8MnDfP3kBU5V3hI7ZdlKmj1JJfrC6E5lCQ7qhuX2AVsYumdayMV8KMb8ioXl5QS%2FS1bqD3JhHlY5eZti6n2XGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
71976497280e0e16-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
Lato-Bold.woff2
hyser.ua/fonts/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hyser.ua/fonts/Lato-Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63e487193d1b9eb2d9d2123473f3c0c80ca7361bee68c030b6ac2e2aa4b4d7ce

Request headers

Referer
https://hyser.ua/
Origin
https://hyser.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16124114
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50376
pragma
public
last-modified
Fri, 12 Nov 2021 17:26:12 GMT
server
cloudflare
etag
"618ea3b4-c4c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0STkmxlC7RDleZz%2FHg%2BstYJ9ReIJdE1eHaXEzMgxC3V%2BfFXmlwHUtGt9xP%2B44cFVl1OVOsBe%2BXnGRMfeyKnEgcVP3VSzlbQMC13kdYDm3nIcGogd6sayRWFSZZfUx%2Bha6JoG7QORw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
71976497280f0e16-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDZQGC9
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9871835450ede758ecad9f339ebaebb882fd9aabb0ccf35d1c15b46791b314a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39828
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 11 Jun 2022 03:52:15 GMT
invisible.js
hyser.ua/cdn-cgi/challenge-platform/h/g/scripts/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hyser.ua/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1654905600
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30a295723bf1f67a34a1a4f9fc7f3bba1d8eacf7241ff88a8bde5cbe3d29dc07

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBSYDi4KOHvWu8SbK5g7hcPrmyj%2BNnB7uiyvJ7JBp44a%2F6mtHrECgd3GdiSFgjoC1S5vQHASws6dY7Mrdmswhs3MKiT9bL4%2FAYSpB%2FflwlbK18fc8QeWE6dS62ENPJZLjrNYBQPgsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7197649808920e16-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
email-decode.min.js
hyser.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hyser.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 10 Jun 2022 15:46:20 GMT
server
cloudflare
etag
W/"62a3674c-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FPsi8sPD3Ri0wforlnkO3x9jUOaKUohGyZ%2Bz5kCQVOSKt5etc%2BGf1b%2BvKnFPBgJYWym7vDcgcu0kgo8ExXmh8Y9iermu4D4e9dSpsShgeVgzjj4Z4I3%2FrlKiLEahJLCh6NBUZBLuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
71976498194b375d-MXP
vary
Accept-Encoding
expires
Mon, 13 Jun 2022 03:52:15 GMT
app.js
hyser.ua/desktop/js/ 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hyser.ua/desktop/js/app.js?id=666a8e5d1f140016f13d
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e2e8afa3450f7688ca73bd2cdfe40214eb70a1d0abbcce3e58f7b8a673c054

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1436778
cf-polished
origSize=89544
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Mon, 10 Jan 2022 17:59:57 GMT
server
cloudflare
etag
W/"61dc741d-15dc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boPUPWiLS57Rds52346G2%2F6PeqGWX9AhcNqLINc8RywkpOjuyEw%2FT2fP%2FZ%2Fcbm4UNaFcl1SMWgTY2L4cllVOrapcgUC6lil7DMXRQr7aX87Kq8f0F0BBsKa48yIfvj5zQ8DkDfqKMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
cache-control
public, max-age=315360000
cf-ray
71976498194d375d-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
client.js
s.getstat.net/cdn/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.getstat.net/cdn/client.js
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7141
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 20 Apr 2022 15:15:08 GMT
server
cloudflare
etag
W/"6260237c-3e9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wla2vC1sPb0IfE%2FeGe4OEeGiqVsisxCGNqOEFCd9%2FsO%2FGh5xw9BLrYgyP06qlP2m1uIeK8s%2BJbA1V%2FrDWx1950hjbEUidMmDco2Tmfid2xmAD2I2hhgr5xvqhteWhgZPIcRTvu5qmIUxw3bl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
719764991ca85a19-MXP
cf-bgj
minify
client.js
cdn.getpush.net/s/swsdvsaruzw8n3j7kkdzlrlnzhts3eg1/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getpush.net/s/swsdvsaruzw8n3j7kkdzlrlnzhts3eg1/client.js
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a0b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e196a8bd26ef69574a221c1378024e9e865ec865eff0aae979a3b49387abd68b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6687
x-cache
EXPIRED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 11 Jun 2022 00:35:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWOJyiDW2rjUmqHhdLZNL6MCS5XLHicsi%2BUKCmKPIe5FgB9Qax2g44dLOGKX7MmU66MEuyJBba147880zwqFjMUA3O5yN44l9eYWVJ8Tc9LzN8dGZ1%2FjDQSgwEmpBYj32vGQJ2bOx6eUSRpjrco%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://hyser.ua
cache-control
max-age=14400, public
cf-ray
719764991d2d59a7-MXP
cf-bgj
minify
PTSerif-Regular.woff2
hyser.ua/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hyser.ua/fonts/PTSerif-Regular.woff2
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd98d01a833cc73d151cb09112775dec0af6f13b059835b9baea6cd9a31bf17

Request headers

Referer
https://hyser.ua/
Origin
https://hyser.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5790484
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57060
pragma
public
last-modified
Fri, 12 Nov 2021 17:26:12 GMT
server
cloudflare
etag
"618ea3b4-dee4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2k00PVMFynNxdl05uxJPMafjdsMQCIEUXjkf%2BXTnviiPUnw2hU2NruVF40KzN0HTVAi%2FRPgE%2FpT8t0%2BRINHksRsne%2BeQCfffRmMIGGkjN5NHshOJqybM%2FlWzInLrxNgiKsIQ9%2BxHrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
719764982958375d-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
JAfZVuth50ikTHZThs4KHotVZQYCTEKpcvnvSEPU.jpeg
hyser.ua/crops/df4ed2/150x100/2/0/2022/06/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/df4ed2/150x100/2/0/2022/06/10/JAfZVuth50ikTHZThs4KHotVZQYCTEKpcvnvSEPU.jpeg
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc2f213abd342860a4d39295fe692b9bde00b92afba549dc351df53ea50599b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 19:10:13 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lE1GYvsjg2Zd7FzOC68pWA5Ybp%2BNYtbnBYC7ssUr%2Ftu6C4I713xU9DH%2F%2BEAX0%2Bnqvn0XUQy%2F5ppuKYndLH%2BQyCZV6oRIuaQIBtae5%2Bu%2FKsG9ILlqTIPAEc%2BzfCGDStVM4Bw%2BcgAhrw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764985985375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6710
client.js
aixcdn.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aixcdn.com/client.js?165492
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9457
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 15 Apr 2022 16:27:29 GMT
server
cloudflare
etag
W/"62599cf1-5a3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJGhd4kgtyZE825kaXEm1ipCO2B6XIBsuwEUl%2FwicVkFG7tsgrDc8GZkWa4rJQgZ6O3cMvC4h4P8gkwx7m7oz8ddgLswMoQaj1e6AYzkuGNbIVKV5Lad4NCvCby9Vea3cLTIup%2BZ%2B1Ia"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
71976499684083ac-MXP
expires
Sat, 11 Jun 2022 02:40:42 GMT
/
c.bigmir.net/ 		130 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bigmir.net/?o1&v16956800&s16956361&t0&c1&n246867&w0&y0&d24&r1600
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
d37f3c2774902cd5a3a595131166f92dec5b4334ed734314554974af119d58ae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:15 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
pica.js
hyser.ua/cdn-cgi/challenge-platform/h/g/scripts/ 		25 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hyser.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2072047d454dbd035b63cdf8dfdc3b150b047e9660f721cb11d7f0bf4d12772

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH1F4S8%2BJdUQ8SjJFRwn0tuVjl8cWEyLgaGu8dnXYWpHG0pY2snHtQWjB37ngPT0deSIimj0UbWqlE%2FH5FprS4yMyCgbZLXeGUkBkOp%2F69%2B724np5DNUHser7PEE563bVYRdX%2F5VPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
7197649899c9375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
B8MNDAx9qhmF5hRYC3vWiHvjqjiCF2cmhE7087kB.jpeg
hyser.ua/crops/405913/150x100/2/0/2022/06/10/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/405913/150x100/2/0/2022/06/10/B8MNDAx9qhmF5hRYC3vWiHvjqjiCF2cmhE7087kB.jpeg
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eca14e872c8b7d0fa7da30fa61b81a94f1003bc3c2f945604af385960f1e39b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 16:05:59 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXVJs%2BAK26gXd9vP6zS1JxF61TlD7WKpDIBO%2FTJ1%2FyakJwWo%2BlRtussWnmSXiszsBzfHsSx1aptVIDdNcUH%2B3jsxj%2BuvbTEz%2BkzVYpqtcokIzWt6m%2FSOv%2FFwV%2BPD0wKPeC92Bv4nvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764994a27375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4584
IYzuthh4vnFDDEVrf5APteff9jkJAcONWdUCpNyh.jpeg
hyser.ua/crops/a89a34/150x100/2/0/2022/06/10/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/a89a34/150x100/2/0/2022/06/10/IYzuthh4vnFDDEVrf5APteff9jkJAcONWdUCpNyh.jpeg
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a957b8f6a5181dbe1c485cb0837f7c4b0cc1b314efbf7846c7100933d201e1eb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 17:57:16 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3j1c9jEPgPl779z68pNUmqIV5IvywhRMZaIUauSrut26DkEWfFFb%2FlWTg8vLp1u0g9IML96m%2B5GV1aT3bxAZMmPRsjRE%2FCrQZ8Tka5Q6DKhrHluwoYxV9Qc2QggWJzeTw2r1O1o1YA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764994a29375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6172
TOvA5KMN8ugaidTIL3ZpMSt0HWp23T6EEphr3rL9.jpeg
hyser.ua/crops/a1250a/150x100/2/0/2022/06/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/a1250a/150x100/2/0/2022/06/10/TOvA5KMN8ugaidTIL3ZpMSt0HWp23T6EEphr3rL9.jpeg
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bcbd402d710c2416d3de3c75672759cf4daf3ff4a7b48f9d92193403038447

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 17:00:55 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50LeJUcQmBbXFvzjxPwjrEcDH3tDKSACKI8bnWdtYo9VNxcuhAxZypcYN0pKzb35ZBe8KiDMMUNGmqEMOqcSjGghE9emG6HX1YbrkwoHPGnGnqmTmYY8z%2FoWpg8bWgA%2Bfuys6ZZPJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764994a2c375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7062
AVpJcD3cs5J0x11pZWhbzd2RAI77md8Qo2UFAyXD.jpeg
hyser.ua/crops/0487fb/150x100/2/0/2022/06/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/0487fb/150x100/2/0/2022/06/10/AVpJcD3cs5J0x11pZWhbzd2RAI77md8Qo2UFAyXD.jpeg
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db8b13f1c9a2cf144651ef0f4bbe1c264d184f579709f71d992b17eb0efe0991

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 14:23:42 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Zq8nGvltpXdxK6ogt%2FhMunmehcMNz9C%2BwkZVStShFe%2FGkwjbkzijAa3%2B32qEui7NY5dVRiKEtl3t58WJUREfigB2i1PSp0aXY0cl15H1RXWNE4arbQrSMcMeCnyGHk2Etp9X%2FjHIA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764994a2d375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4904
VVLHkIEUBQbJlMMWn1LAAF4cMRGwgtY8lw34puKZ.jpeg
hyser.ua/crops/63947f/150x100/2/0/2022/06/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/63947f/150x100/2/0/2022/06/10/VVLHkIEUBQbJlMMWn1LAAF4cMRGwgtY8lw34puKZ.jpeg
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08a42893ca8fdd0804f305fa6daa0c49417101ca0f9a6455a7cbc4e63a8b8d70

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 16:01:45 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YLkanJubudu427mtBg%2BuzPqjpZVCT5h72aQTNizedDseGuAeOILyxc4A7ZQZuV%2F7Wow6KDBUIPMipwC9DR%2FcuYmkbbRcwFVry06yHSG0zqZubPed0hMnDU%2BnYWGgRI%2Fy72%2BBW9VXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764994a2f375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6725
IYzuthh4vnFDDEVrf5APteff9jkJAcONWdUCpNyh.jpeg
hyser.ua/crops/6587f5/735x400/2/0/2022/06/10/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/6587f5/735x400/2/0/2022/06/10/IYzuthh4vnFDDEVrf5APteff9jkJAcONWdUCpNyh.jpeg
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ccd091aa07c56cb285370c978b30ac9aab7a0e7a3f865dc8ddb8307b97ac715

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 18:01:52 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kj6nA8UlMHtOdemu9gQGxsyJdNVUeq7reqcLfhjJiOFOKxe5w5RDDrE71NeiQeCycdkndlrlGf08PkGIK51y%2Fvh7btRati3WFvViPgR0%2FowidZ9XUNnOxGVPZS28tQDY3lpBrGGf1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764994a30375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54225
7edFd0mHdogStv8VwSJNsvnQxrqn3KxTzvxqG5Mg.jpeg
hyser.ua/crops/d88cc1/735x400/2/0/2022/06/10/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/d88cc1/735x400/2/0/2022/06/10/7edFd0mHdogStv8VwSJNsvnQxrqn3KxTzvxqG5Mg.jpeg
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
910f536bcf07ac961cc4979839243a5e4282f41f5700915bd49c24e6987750cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 14:32:29 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pik0OVlh7%2BDxrG4T3A8XfzkdnF3KoiH24yT%2FeoRUezqOE3MzVEWD65cG9Y5V4HXkPYx35bXAdoZD82yFoNCYjYYlr7PFH7s89lfLTf8BecriFUfcAVoyMRFHmo3e07Ng3JrDoyVR4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764994a31375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43729
efqxqqe4WDPdyMl5A4SECrt64LyGpWbTZZLozOXu.jpeg
hyser.ua/crops/10c61f/225x180/2/0/2022/06/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/10c61f/225x180/2/0/2022/06/10/efqxqqe4WDPdyMl5A4SECrt64LyGpWbTZZLozOXu.jpeg
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8aa467617bed0dab37b96391f9ccbf182683987b1c74ddcf62be5ef5127b8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30788
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6042
last-modified
Fri, 10 Jun 2022 17:35:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Af8NR3p00a75%2Bd5h0kp4qI5BhPj0p3cmVu20UsFQillPn7V5Ewyt9fkvZX8QmbdswzVhfDoS%2BTofOKDLxn4WFHZXp%2Fjy6uaRGlgmuL86IyyRVUrtOrhwQj0eO5jzUwiWFdylGyHTZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
719764994a32375d-MXP
Y1j5z7hskYyFrkcrissQQjBk0XmEdtKgggLuc3mS.jpeg
hyser.ua/crops/2d71d6/225x180/2/0/2022/06/08/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/2d71d6/225x180/2/0/2022/06/08/Y1j5z7hskYyFrkcrissQQjBk0XmEdtKgggLuc3mS.jpeg
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be318e77bfde25dbfbf28093945f807cb7450e6e99d4ba1b7c253b00ec31bf9d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 06:01:57 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pACXl%2FhZ%2BTMPWNXEui3a5%2B00qFrQFOVYitxcLvMEZQLGWhWTviSribu2QE5cHp9WrAGLVaOOoWxkaPFupy9vs%2BJe9MChTmNsFsqjhj0pRY8ep2sAmhXiAeRUHkQaEcAuS2brUqLdPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764994a33375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7576
YxLqPgfLElDk1W37zC5sVPo7eD4nAhc5mtbNJ5he.jpeg
hyser.ua/crops/8ec9a5/225x180/2/0/2022/06/08/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/8ec9a5/225x180/2/0/2022/06/08/YxLqPgfLElDk1W37zC5sVPo7eD4nAhc5mtbNJ5he.jpeg
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f57bf5f97e3205cbbdb160cd689db1b6fcc2db4ea80b7e3c5591a948af32a55

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jun 2022 20:02:11 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2F2SQGdd4oqr93bfA%2BkXatY1yQmP3aVM7iU3N2wgiFwW6JaVuKD6UhABGUtiHYsZ0M9RuIlJgwjyDigDqaq3pU7Edomcp36JGgo73RjYjt8aImDxmDSm338WHRj9GfjgAo85JZNv8w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764994a34375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11700
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDZQGC9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1049
date
Sat, 11 Jun 2022 03:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 11 Jun 2022 05:34:46 GMT
pv
s.getstat.net/ 		42 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.getstat.net/pv?u=https%3A%2F%2Fhyser.ua%2F&d=hyser.ua&s=&t=&l=ru&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=4&r=0.34654385301519985
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vbuy3qukl%2FJFRV4iStbWZ00ouXcDnJS7iIECl%2BYEAxl4vNxQNFaQA%2Fp6wI411F7wAAnoBKJmE6bw0XGXhFoW5lTv4QdEV40n%2FHfVuVQ9ev3wYs2L5y1g1pq5rcGByJ3pYW8iV4GOvlyKlvTn"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store
cf-ray
71976499fecb5a31-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
metric
s.getstat.net/ 		42 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.getstat.net/metric?u=https%3A%2F%2Fhyser.ua%2F&d=hyser.ua&s=&t=&l=ru&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=4&r=0.18549938637401509&k=3&v=104
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6oh6Nu8R5xnvLjL8vIthBurvWj4JR9HpPaY7iSDFEtriZfuaNLo5wKWLeAQwyXPtlQ%2FjPvbvQQDyjx3NPuJmLPeLyjJ0aNTEgc6l3xwe0qCXyzLL7qP0Nvt2NFsvm%2FZYFu8aLnQ25OfI%2B9R"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store
cf-ray
71976499fecf5a31-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
metric
s.getstat.net/ 		42 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.getstat.net/metric?u=https%3A%2F%2Fhyser.ua%2F&d=hyser.ua&s=&t=&l=ru&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=4&r=0.6780103854088186&k=4&v=477
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fTQ6xZ1rXBJQaOQns4%2FQZSQNo1QpKA8cJ9N9aPmoW6OOnSxYRzmEz%2F6ldMS60w1uxVkDuqJiQsSaDLBP%2FI9SeiyC8HTUIXJTRpmxagT1gGQdyy5d9KxBZON3dLdPRUu1Vlc4n9z2nDZTwJK"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store
cf-ray
71976499fecd5a31-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
264
aixcdn.com/p/ 		377 B
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aixcdn.com/p/264
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?165492
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec6533597b9cfe5c936ed998760efacecd0967a68b93a38cfde85ef7908370e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jun 2022 10:32:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vq5mAlqnBAHMmH8N41xOKOFPw2v2Ng9Ech5dGVK%2Br9TYjKw7lKKstYbSRXt%2FE4M1fjPnY%2BvufV0aL5n9tfFOMw55j4hFt3IMBaUsW0or12NYJz2EGrdixVivqJvIjOgoK7lb44MUYYwV"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray
7197649a4a3b59bf-MXP
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1699708838&t=pageview&_s=1&dl=https%3A%2F%2Fhyser.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%B0%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B0%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0.%20Hyser.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=190931455&gjid=1927127353&cid=626732754.1654919536&tid=UA-63174230-1&_gid=322754783.1654919536&_r=1&gtm=2wg680WDZQGC9&z=1021700285
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hyser.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?165492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5edbb8dcaa1f00e81f3bf02059f7156d1c670a8d488e119c2a4842f4734b1734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28074
x-xss-protection
0
server
sffe
etag
"1241 / 375 of 1000 / last-modified: 1654898807"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 11 Jun 2022 03:52:15 GMT
ym.js
cdn-b.notsy.io/hys/ 		329 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-b.notsy.io/hys/ym.js
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?165492
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
da424d28f565961b8c1f303bfa5f8547b38dc6499aaa87c377739ca7e9969e3d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
content-encoding
br
cdn-edgestorageid
887
cdn-fileserver
271
cdn-storageserver
DE-199
cdn-cachedat
06/09/2022 16:11:46
cdn-pullzone
139012
server
BunnyCDN-CZ1-887
last-modified
Thu, 09 Jun 2022 06:39:32 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"62a195a4-524ba"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
86de74adc45286d296fced9737dda50a
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
71976496efeb0e16
hyser.ua/cdn-cgi/challenge-platform/h/g/cv/result/ 		2 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hyser.ua/cdn-cgi/challenge-platform/h/g/cv/result/71976496efeb0e16
Requested by
Host: hyser.ua
URL: https://hyser.ua/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1654905600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 11 Jun 2022 03:52:16 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2l9dignQjmi8AOv0%2Fp8wAF5e1WTKg2Cox5x678XRdJTjPrDtIgCKmFJi0Zs7jgRaU45XcDKObbsWVBcTDLwdQpO7ipVLvH7IZaoqxuqU9pt8rvI%2BBqVEjagPgtOLgXoFSsaSGHnLYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7197649c5c4f375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
stats.g.doubleclick.net/j/ 		7 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63174230-1&cid=626732754.1654919536&jid=190931455&gjid=1927127353&_gid=322754783.1654919536&_u=YEBAAEAAAAAAAC~&z=793232558
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 11 Jun 2022 03:52:16 GMT
content-type
text/plain
access-control-allow-origin
https://hyser.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022060701.js
securepubads.g.doubleclick.net/gpt/ 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
72ec618723da6d0be7eeda72a1842f3b6925229960b5b31aa54f38b10041dda7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 10:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
321578
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127778
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 08:35:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 07 Jun 2023 10:32:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		124 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hyser.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
79fcff3bfc8b3506816b8357ee57156955680dc5170c610bd4539d34300b563e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Jun 2022 03:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101
x-xss-protection
0
expires
Sat, 11 Jun 2022 03:52:16 GMT
video.js
cdn-b.notsy.io/video/ 		200 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-b.notsy.io/video/video.js
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
f17f658a7e0371d96e3cb85fd510deb02c061e971770a6df824c469118a36885

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:16 GMT
content-encoding
br
cdn-edgestorageid
887
cdn-fileserver
224
cdn-storageserver
DE-168
cdn-cachedat
06/09/2022 15:54:33
cdn-pullzone
139012
server
BunnyCDN-CZ1-887
last-modified
Wed, 08 Jun 2022 06:19:27 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"62a03f6f-31f21"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
16e5861e261b5d85db94a7149adff77d
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220611
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4914f928e22ae90757130515612f04ae9fee134e9e25a445ee83e17d6586d44b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Jun 2022 03:52:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3075
x-jsd-version
1.0.1368
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19179-FRA, cache-iad-kiad7000083-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-95Onpyi1cNNIwA1UofqLrDz7n7s"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FBoZNb8BFH4LEYZ%2FbJNysxJvcahAhkoWYChF5tlJed6oK7hwxcbIDCKIcD4wI5cR15Hpw3iKPiO8Sz2fyxdOObflhpjSSrIqtxN1NcvdtwKk7SxQ%2FgVrquc5uuGDs3tz%2FnmEU0zUZWZLoO%2FwiM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7197649d8abf0204-ZRH
access-control-expose-headers
*
/
adx.adform.net/adx/ 		40 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzMjQzODMmdHJhbnNhY3Rpb25JZD0wZjliMzk2Yi1iYzdiLTQ2NjAtYTVlOC1jMmZkYWE3YzRiODYmcmN1cj1FVVI%3D&bWlkPTEzMjQzODUmdHJhbnNhY3Rpb25JZD0wYWE2ODMzMy02MTEyLTRmZDgtYmMxMy04OTM1NTIzNTU3MmUmcmN1cj1FVVI%3D&bWlkPTEzMjQzODcmdHJhbnNhY3Rpb25JZD1mZGNlMjFhZC01MWJkLTQxZmItYjJkZi0yNTIyOGRlNWNmODMmcmN1cj1FVVI%3D&bWlkPTEzMjQzODkmdHJhbnNhY3Rpb25JZD1lMDUwNDkzOC0xNTJiLTQ5OGEtOTFhMS0yOTJlODZkZDUxNzgmcmN1cj1FVVI%3D&bWlkPTEzMjMzNTUmdHJhbnNhY3Rpb25JZD03N2Q4ODE3NS1hMjNiLTQ3MDEtYjAyMy01NWY3NWE0ZDZhYTUmcmN1cj1FVVI%3D&bWlkPTEzMjMzNTYmdHJhbnNhY3Rpb25JZD01MjUyOGQyYi1mNjU0LTQ3M2EtYmJiOS1jNjJmNjEwNjY1ODUmcmN1cj1FVVI%3D&bWlkPTEzMjQzOTEmdHJhbnNhY3Rpb25JZD1iYjczOGQxYy0wOTE3LTQ1MGUtYWZlYy1hNzQ1MjhhZjQzZmUmcmN1cj1FVVI%3D&bWlkPTEzMjMzNTImdHJhbnNhY3Rpb25JZD0zNTA4YjAwNC00MjRhLTRlYTktYWUzMS1lMDkyN2FkYzNkMzImcmN1cj1FVVI%3D&pt=gross&stid=649a6f20-6fe2-4703-b3d7-e2beaec089ac&fd=1
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
50751afb202533244586716dc039eb6eeb1c0577be5077d6a805ae20dde1d2bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:16 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hyser.ua
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		123 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ff5b0d3fb66832925d890dd59615c8948ee040f232bf9bf16693da1521e59e3e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 11 Jun 2022 03:52:16 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bd3cb5df-81b9-4bab-a794-9926b565098c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://hyser.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294622&size_id=16&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=0f9b396b-bc7b-4660-a5e8-c2fdaa7c4b86&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9748822273326323
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bd6e681e009391e0838a0f1eb234928ebea3b228731e17e94f4f00a34cfb61ea

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:16 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hyser.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294624&size_id=16&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=0aa68333-6112-4fd8-bc13-89355235572e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5916528378450538
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c4b200208edbc6c11efc9283229b997c73dab213c23dee23bb2802346c437941

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:16 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hyser.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294626&size_id=16&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=fdce21ad-51bd-41fb-b2df-25228de5cf83&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5560909364078293
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f2292fada657d1b489e24b708c5409cb4ae784d8a26d5544d156718afb5308c1

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:16 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hyser.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294628&size_id=16&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=e0504938-152b-498a-91a1-292e86dd5178&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.028061046269557854
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b49a3740206719c42659543bd020656ca4d1ce1f2c2984858bb46ac7f9543edc

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:16 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hyser.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294414&size_id=10&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=77d88175-a23b-4701-b023-55f75a4d6aa5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8856405521763233
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ed8e936dea3b61f608d1065adfd9b0ccc2b85b9c6d813fa86964bf605448a4c5

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:16 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hyser.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294416&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=52528d2b-f654-473a-bbb9-c62f61066585&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.33867427108178183
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1b67c901bd12ae2e069e865a638b97b9b22214a290ebf04aa8c187b1902e6315

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:16 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hyser.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294630&size_id=16&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=bb738d1c-0917-450e-afec-a74528af43fe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5607490816748268
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7a025a6192967b25d8a095f2cc77e000afec0b1dc3c73ea4769028595f25c479

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:16 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hyser.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294410&size_id=57&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=3508b004-424a-4ea9-ae31-e0927adc3d32&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9338778509644055
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
25fd2952483aecbfe34845b72131ae10757b89f7e1a6d87df36477d3879bfd06

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:16 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hyser.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=33854820867
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Jun 2022 03:52:15 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://hyser.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bid
a4p.adpartner.pro/hb/ 		386 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/hb/bid?tag=8199,8200,8201,8202,8203,8204,8196,8195&sizes=336x280,336x280,336x280,336x280,300x600,300x600|300x250,336x280,970x250&referer=https%3A%2F%2Fhyser.ua%2F
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
3cb5ab845891ae849b37550c66899b7b9f7159e802b49724444dda65d4db03a9

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hyser.ua
date
Sat, 11 Jun 2022 03:52:16 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/json
auction
tlx.3lift.com/header/ 		19 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fhyser.ua%2F&tmax=1000
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.145.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-145-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:16 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hyser.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		12 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3847336e9ccb91a3bf9b5df8051453cee5c2c506d3945f0863a84409cf2d4b0c

Request headers

Referer
https://hyser.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 11 Jun 2022 03:52:16 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://hyser.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1067
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63174230-1&cid=626732754.1654919536&jid=190931455&_u=YEBAAEAAAAAAAC~&z=214038435
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63174230-1&cid=626732754.1654919536&jid=190931455&_u=YEBAAEAAAAAAAC~&z=214038435
Requested by
Host: hyser.ua
URL: https://hyser.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geolocation.json
cdn-b.notsy.io/ 		3 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-b.notsy.io/geolocation.json
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:16 GMT
cdn-edgestorageid
887
cdn-fileserver
309
cdn-storageserver
DE-167
access-control-expose-headers
x-ym-country, cdn-requestcountrycode
cdn-cachedat
06/09/2022 15:54:31
cdn-pullzone
139012
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-ym-country
GB
content-length
3
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Fri, 11 Mar 2022 13:55:15 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"622b54c3-3"
content-type
text/plain
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
9cb080143334d1d2e8ed5b88a4c6624a
accept-ranges
bytes
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
/
c.aixcdn.com/ 		42 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aixcdn.com/?4113&r=9046
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:16 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bseYrv82KT3YduIYecCsmCxXhah6lyRtwBysoAVwysWJVvI4yR1xFovfdoXEs%2FK%2Bi%2BkZG%2B91tb0hJON5Kw1VmD4e6ks0PL%2Bt6lKF2w6BfxCdJxwqbDqNHDEoVDKf52rYNd4g4jNWKMJfBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
719764a02ea083ac-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=hyser.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Jun 2022 03:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hyser.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Jun 2022 03:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		570 KB
102 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=421855489921839&correlator=4093103040464109&eid=31065401%2C44755510&output=ldjh&gdfp_req=1&vrg=2022060701&ptt=17&impl=fifs&iu_parts=21863949019%2CHYS_ITA_336%2CHYS_ITA_336_1%2CHYS_ITA_336_2%2CHYS_ITA_336_3%2CHYS_SBR_300c%2CHYS_SBR_300c_1%2CHYS_BTA_336%2CHYS_ATC_970&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=320x50%7C336x280%2C320x50%7C336x280%2C320x50%7C336x280%2C320x50%7C336x280%2C300x600%2C300x600%7C300x250%2C320x50%7C336x280%2C320x50%7C970x250&fluid=height%2Cheight%2Cheight%2Cheight%2C0%2C0%2Cheight%2Cheight&ifi=1&adks=118323584%2C938390922%2C1999787718%2C1140906496%2C1830702087%2C95717922%2C4043827992%2C3263883196&sfv=1-0-38&fsbs=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&ecs=20220611&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D645843e680d9b2e%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_adid%3D645843e680d9b2e%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D65fb735f7f043aa%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_adid%3D65fb735f7f043aa%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D66440651ce6d732%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_adid%3D66440651ce6d732%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D6717fc395112d09%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_adid%3D6717fc395112d09%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D686f5dce794f1e3%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_adid%3D686f5dce794f1e3%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.39%26hb_adid_appnexus%3D69e9fdcd22b80c8%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.39%26hb_adid%3D69e9fdcd22b80c8%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D70d6ccfca0d9792%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.00%26hb_adid%3D70d6ccfca0d9792%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D71626680baaf5d2%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.00%26hb_adid%3D71626680baaf5d2%26hb_bidder%3Dappnexus&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1654919537115&lmt=1654919537&dlt=1654919535274&idt=1041&biw=1600&bih=1200&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fhyser.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=626732754.1654919536&ga_sid=1654919537&ga_hid=1699708838&ga_fc=true&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
52afcadfb3a991f43070dc0fa45eb07defa328a37ef809da1ac2d190c0ef75b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104123
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,5950542637,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,138384284409,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hyser.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcf7f9cd94777cef9b138bb712d480c133644e4d37dd4e5443b4b42dea7e32a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Jun 2022 03:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10571
x-xss-protection
0
container.html
b6021225a189dcce610e14e44d0abf75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25B8 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b6021225a189dcce610e14e44d0abf75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hyser.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 03:52:17 GMT
expires
Sun, 11 Jun 2023 03:52:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:17 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jun 2022 03:52:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 03:52:17 GMT
syncframe
gum.criteo.com/ Frame A778 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hyser.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hyser.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6123
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 03:52:16 GMT
server-processing-duration-in-ticks
2282
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:17 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jun 2022 03:52:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5D9F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hyser.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
56752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jun 2022 12:06:25 GMT
expires
Sat, 10 Jun 2023 12:06:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FEA8 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3ba93549874225cdc466d3709ce49485ff362e4371f39a8ccc849c3e356a8b85
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XQYQpqM9FK-WU0q8_rPtmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hyser.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-XQYQpqM9FK-WU0q8_rPtmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 03:52:17 GMT
expires
Sat, 11 Jun 2022 03:52:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame A778
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=hyser.ua&sn=ChromeSyncframe&so=0&topUrl=hyser.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=tAKzDXwrWnVjbDVUZGhqQ2gwYXJ2aGtHWS9lYU1ZWFhJLzgvY1h3K3JVUmFWbVRWaVExRHZBWWFFTWdGdXR6ZlM1U2tISlNBbUlYd3RKb2QydXprMGZqRjRwTFpNYmJXTERDL3ZRSGt4YlFGTTlLYlc0TjExd3A4OVp1TG...
433 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tAKzDXwrWnVjbDVUZGhqQ2gwYXJ2aGtHWS9lYU1ZWFhJLzgvY1h3K3JVUmFWbVRWaVExRHZBWWFFTWdGdXR6ZlM1U2tISlNBbUlYd3RKb2QydXprMGZqRjRwTFpNYmJXTERDL3ZRSGt4YlFGTTlLYlc0TjExd3A4OVp1TGpLV0tDUnhkZnUwdWViUmhoV0FReXpCVXdhaFR2MUlPRFhTSUdZMEgzRVRBYVJpMnlLZVIydUNWaGVaYW1MeFNEalE4VDc1MGRGdmJ5c2ZNTXRQd0JTN0g5SUJvMm05ZnQ0VWlpRVRuYTZMSm5vRGlyOTdMbjJ1ay9xajZTYTllTm9BaW9WZzlxcXhBN2dlaUR6c2tzMjBMeXM3RWhDZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
add6f75033fc08572bad2d5aa0da1992593b3ab41d1effa000bbb309b80852c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:17 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5038
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:16 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=tAKzDXwrWnVjbDVUZGhqQ2gwYXJ2aGtHWS9lYU1ZWFhJLzgvY1h3K3JVUmFWbVRWaVExRHZBWWFFTWdGdXR6ZlM1U2tISlNBbUlYd3RKb2QydXprMGZqRjRwTFpNYmJXTERDL3ZRSGt4YlFGTTlLYlc0TjExd3A4OVp1TGpLV0tDUnhkZnUwdWViUmhoV0FReXpCVXdhaFR2MUlPRFhTSUdZMEgzRVRBYVJpMnlLZVIydUNWaGVaYW1MeFNEalE4VDc1MGRGdmJ5c2ZNTXRQd0JTN0g5SUJvMm05ZnQ0VWlpRVRuYTZMSm5vRGlyOTdMbjJ1ay9xajZTYTllTm9BaW9WZzlxcXhBN2dlaUR6c2tzMjBMeXM3RWhDZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1195
content-length
541
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FEA8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060701&jk=421855489921839&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
pagead2.googlesyndication.com/bg/ Frame 5D9F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 21:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
110689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13815
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Jun 2023 21:07:28 GMT
generate_204
tpc.googlesyndication.com/ Frame 5D9F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vwtQjg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060701&jk=421855489921839&bg=!yMuly4_NAAaJfvByqX47ACkAdvg8Ws1sUDRGssK-LlrNIbcKe6a_tZ9xeZ3OxU1kY9e0ES0u0zaxGwIAAAB9UgAAAAdoAQeZAq0YlNgoErG2gqIQ66R1w7fNRj-iQ6InnLePNm20oNc8JgQO_q1bhxL997GoaY36oRA8s1LSw5O_eECCY2PcTmLHvuGuuWsBXEaa0Zfpycd6YxCri7UWsRJS5T6WeJ7XPiSHY8pgniV3SW28vnlgogriFEK3ICypmRQteWHtTThkNPi1U00_ToKyDhqfNHbyeUEWRNJZZWCxR-2mIZFjSXRZuNly4yzXI-LmhsYd2pNjO7mLoDkAskhl1Xb2r7aPQ67U66kOp_ytv2Zk_I79hNf00oO-fWWMf9jWd5MOw9DpS2Ie5kr1N821wGgN-rhDZLJQGhc0d2evqsZLLu30ZKi-CzpJkTprpF5FK_IaSpUM4N0DQOK-NjAu35gV2ymR1vwzoQpqrR41SmTx1okRa1hkC9GjWlKtxxTdQAuBsENwPsFpXe6yqGYAmWHRGvWEgQ3N-CHbEgOz-JJ-NvtSL-n3lIxf5VWW-v1CsnYaH3DPSB3pWCjBJUmkC5_eafF5UyNCwTkI0kogPDEZkVzluUB61SvNXOp75jE3sk7hSt6QGiJl1h9KlB2QKP8mA4j18prFYv_KSQRUKGcUCyfoxnCAn-MrAVSN1ABkNgUt9v_0xcPoHTCqu8tHr9-ZgxUeRMI-Pr6rybJjVRb6pTLCi1bkXv8jQJraqtn7oAxGvUe9Mno7s8bLkgmZa3xG5mlsZe8JAmlZnomjshRlVIJODO-QQ-vYvJMdVRyt7XKZZVRiqWs6iW3QVavQ-BEHKq8y9a94UikMCGUhXiLMnZGuCCbuIsowEyTRFOBUQG-YretJdDwdqmISJ-6jhpGZjWInHxfxvaglo7cn9_ve79jM4acNgNA7mkNEvMd8g7vvKvt1gHs-9ZCRHNR1cVwekQKT10Ld2nO8rwZbuKKhqPhu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 88E3
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=01c91eb8-0c4c-4ec0-bcce-c3fbbf899af2
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=01c91eb8-0c4c-4ec0-bcce-c3fbbf899af2
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hyser.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sat, 11 Jun 2022 03:52:20 GMT
Etag
710fa29cf386daf6
Server
VertaMedia 1.0

Redirect headers

content-length
0
date
Sat, 11 Jun 2022 03:52:20 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=01c91eb8-0c4c-4ec0-bcce-c3fbbf899af2
server
_
usync.html
eus.rubiconproject.com/ Frame 5809 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hyser.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 11 Jun 2022 03:52:20 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame DE0B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://hyser.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 11 Jun 2022 03:52:20 GMT
ETag
"623de86a-cf34"
Expires
Sun, 12 Jun 2022 03:52:22 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sync.html
s.console.adtarget.com.tr/ Frame 03DD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:852:0:ec4:7aff:fe91:19a -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
c2457b3259b6125151889823525019f87046a456ae572910cc549e5c8172facd

Request headers

Referer
https://hyser.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://hyser.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
774
Content-Type
text/html; charset=UTF-8
Date
Sat, 11 Jun 2022 03:52:19 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync
eb2.3lift.com/ Frame 2041 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://hyser.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 11 Jun 2022 03:52:20 GMT
csync
sync.adtelligent.com/
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=%7Bgdpr_consent%7D&us_privacy=%7Bus_privacy%7D&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D...
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=434f4ca7-2d7c-46d9-a5f8-76319b01c0fc
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=434f4ca7-2d7c-46d9-a5f8-76319b01c0fc
Protocol
HTTP/1.1
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 03:52:20 GMT
Server
VertaMedia 1.0
Etag
710fa29cf386daf6
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=434f4ca7-2d7c-46d9-a5f8-76319b01c0fc
date
Sat, 11 Jun 2022 03:52:20 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f1f74ade-0b80-47e6-9171-59df670ca516
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f1f74ade-0b80-47e6-9171-59df670ca516
Protocol
HTTP/1.1
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 03:52:20 GMT
Server
VertaMedia 1.0
Etag
710fa29cf386daf6
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f1f74ade-0b80-47e6-9171-59df670ca516
date
Sat, 11 Jun 2022 03:52:20 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
prebid
rtb.openx.net/sync/ 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:20 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
0k3090b518nluosi3d8b7nlca415887b
usync.js
eus.rubiconproject.com/ Frame 5809 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 03:52:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36411
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Sat, 11 Jun 2022 13:59:11 GMT
async_usersync
ib.adnxs.com/ Frame DE0B 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:20 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f4dfe5a8-ebbb-4cf9-8075-4e06fac13f78
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5809
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ5Q0QyUTAtMUstNlNCWQ==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ5Q0QyUTAtMUstNlNCWQ==
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ5Q0QyUTAtMUstNlNCWQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 5809
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L49CD2Q0-1K-6SBY
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L49CD2Q0-1K-6SBY
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:20 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A087DF582FA6482D88E1AC83BBD2CEAD Ref B: LON04EDGE0820 Ref C: 2022-06-11T03:52:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhI/tfXpBE3D929cYerA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L49CD2Q0-1K-6SBY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5809
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7QX0Z-xzM0X4EaWB7i-Tb8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7610548804802349528
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7610548804802349528
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Sat, 11 Jun 2022 03:52:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7610548804802349528
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5809
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_6Az4askTUGx0P2tsvF3Wg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_6Az4askTUGx0P2tsvF3Wg
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_6Az4askTUGx0P2tsvF3Wg
Protocol
HTTP/1.1
Server
52.94.223.37 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0S9K53XKT8XGGH2Y830G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_6Az4askTUGx0P2tsvF3Wg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5809
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNlZDUwMjQ5OGEzY2M5OWYyNGVjNTkzM2VhZTJjMGM4MjkyMmMyNg
170 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNlZDUwMjQ5OGEzY2M5OWYyNGVjNTkzM2VhZTJjMGM4MjkyMmMyNg
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNlZDUwMjQ5OGEzY2M5OWYyNGVjNTkzM2VhZTJjMGM4MjkyMmMyNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 5809 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 5809
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L49CD2Q0-1K-6SBY&sigv=1&esig=2~f1233849b980607d65d592c5095156ec55e21ffd
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L49CD2Q0-1K-6SBY&sigv=1&esig=2~f1233849b980607d65d592c5095156ec55e21ffd
Protocol
H2
Server
2a00:1288:80:807::2 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:20 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L49CD2Q0-1K-6SBY&sigv=1&esig=2~f1233849b980607d65d592c5095156ec55e21ffd
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 5809 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
cookie
cm.adform.net/ Frame C1F3 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Sat, 11 Jun 2022 03:52:20 GMT
server
nginx
pbsync.html
js.adscale.de/ Frame F132 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8400:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
3171
cache-control
max-age=7200
content-encoding
br
content-type
text/html
date
Sat, 11 Jun 2022 02:59:29 GMT
etag
W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified
Fri, 10 Jun 2022 08:59:27 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-amz-cf-id
9bNzBehWbaSOZD9trBr4Yz1Vo0BTanwmtzbCwc4PBWWJcEku3TAQMA==
x-amz-cf-pop
FRA2-C2
x-amz-version-id
lJpjBVlrlhbYHTBVCpTt0WEaCVljhCwM
x-cache
Hit from cloudfront
csync
sync.console.adtarget.com.tr/ Frame 5C4F 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sat, 11 Jun 2022 03:52:21 GMT
Etag
ff79cdd0c1b8bd01
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame 03DD
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=318342&extuid=ff79cdd0c1b8bd01
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=318342&extuid=ff79cdd0c1b8bd01
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 03:52:21 GMT
Server
VertaMedia 1.0
Etag
ff79cdd0c1b8bd01
Content-Length
0

Redirect headers

Location
https://sync.console.adtarget.com.tr/csync?t=a&ep=318342&extuid=ff79cdd0c1b8bd01
Date
Sat, 11 Jun 2022 03:52:21 GMT
Server
VertaMedia 1.0
Etag
ff79cdd0c1b8bd01
Content-Length
0
70ozmcxOjCEiHRNPa1gs6gJxFRJjF6AD4N8oI2PO.jpeg
hyser.ua/crops/628324/150x100/2/0/2022/06/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/628324/150x100/2/0/2022/06/10/70ozmcxOjCEiHRNPa1gs6gJxFRJjF6AD4N8oI2PO.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9673280ba73bf9ff38f9d7892012d34e9e7ffd64dee254a7f52449ae5360a391

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:20 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 13:58:25 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYFMpjBLGhweFIC1i8aRNm9POs6Iq0hpCDgwocttlKFuYtlxQMLVJ1oNP46bn5gDxk23bjJTmW7VQmhx63HQEe5DXFwR4hKWjVn079XYvjqZaMlzQzicYlC%2B4eIi7zkhuP3sCMqvQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764b9c94d375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5719
8CT2zhgjkYNWZE6XEZJ3iV81j8Yn1NbFvtouSOSE.jpeg
hyser.ua/crops/e99aac/735x400/2/0/2022/06/10/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/e99aac/735x400/2/0/2022/06/10/8CT2zhgjkYNWZE6XEZJ3iV81j8Yn1NbFvtouSOSE.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6fb068386858c3a6d5d42eef9cc6b430acc14d2f571d8bcefb234b9a531653

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:20 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 05:02:41 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2B6P7DzrEuTmmpj82jT7lEy3nBUHUANPSTwhCO3ipTgtaa1X%2BCVbn64cE1vKieOqQjR7YFdfpApnchXgk0auW6kwY%2B0PaVo6AxEpvlmvNdoeWGduDS%2BT5qjvuTt5DwBswCJo6h4sYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764ba69c3375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37759
uu
ih.adscale.de/ Frame F132
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1654919540
  • https://ih.adscale.de/uu?cbfn=receive&t=1654919540&nut&uu=15bb22f26d074a8387f22d2cda970399
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1654919540&nut&uu=15bb22f26d074a8387f22d2cda970399
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
18dc3216d23dacf30cb2522fb265703b9b057d2e743413bee266bad671379ca4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:21 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1654919540&nut&uu=15bb22f26d074a8387f22d2cda970399
date
Sat, 11 Jun 2022 03:52:21 GMT
content-length
0
userconnect.js
js.adscale.de/ Frame F132 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8400:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
eb4KfoHyZOa9.0IXlVjDAvVqdf.zInO4
content-encoding
br
last-modified
Fri, 10 Jun 2022 08:59:27 GMT
server
AmazonS3
age
3172
etag
W/"988fbfb6c270a6080f89deb043243858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Sat, 11 Jun 2022 02:59:29 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
wCgfibRQaNv3voM5toIKRsBoxT5we485zIocGqvpr6VEBMqM3QRGMw==
csync
sync.console.adtarget.com.tr/ Frame F132 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=15bb22f26d074a8387f22d2cda970399
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 03:52:21 GMT
Server
VertaMedia 1.0
Etag
7a575b7e69667523
Content-Length
0
userconnect
ih.adscale.de/ Frame F132 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1654919541137&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:21 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame AEDA 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff4fda943fbb0159d12cab77b48fc66071080c34cedd7f4f1297c6b9efffb7cb

Request headers

Referer
https://js.adscale.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
2792
content-type
text/html;charset=ISO-8859-1
date
Sat, 11 Jun 2022 03:52:21 GMT
match.js
js.adscale.de/ Frame AEDA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8400:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
zbEVvMvlbmvMfEs3JIXPO_vZflmTUphp
content-encoding
br
last-modified
Fri, 10 Jun 2022 08:59:27 GMT
server
AmazonS3
age
3172
etag
W/"ff7cce9128150bd82f1a709c03692e3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Sat, 11 Jun 2022 02:59:30 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
4hhXYJ0J-UwfLW9S0vGKTB6FEFNwDC0fYP9rQm7c3oiQbKMBpSj1Bg==
img
ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/ Frame AEDA
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=15bb22f26d074a8387f22d2cda970399&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa11118f0779db3%2F1654919541203%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?tpid=101&tpuid=BBID-01-03296335414391759-16626744
49 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?tpid=101&tpuid=BBID-01-03296335414391759-16626744
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Sat, 11 Jun 2022 03:52:21 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?tpid=101&tpuid=BBID-01-03296335414391759-16626744
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame AEDA
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=18d58b9ef1690ef3ae05ed3f9...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Fgdpr%3D0%26tpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adsc...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YqQRdcy7G1lnyWfXvb5KHAAA%26296
49 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YqQRdcy7G1lnyWfXvb5KHAAA%26296
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YqQRdcy7G1lnyWfXvb5KHAAA%26296
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
309
Expires
Sat, 11 Jun 2022 03:52:21 GMT
async_usersync
ib.adnxs.com/ Frame DE0B 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Jun 2022 03:52:21 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f667b9c6-01c1-4994-b829-75c5eaab00f0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame AEDA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=f9379e7131ab4f11e6ec9fc...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=71d962a4-1175-4e00-9968-c555725fe15d&gdpr=0&gdpr_consent=
49 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=71d962a4-1175-4e00-9968-c555725fe15d&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Sat, 11 Jun 2022 03:52:22 GMT
Server
MT3 4447 e18e916 master zrh-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=71d962a4-1175-4e00-9968-c555725fe15d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 11 Jun 2022 03:52:21 GMT
img
ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/ Frame AEDA
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c40f7f39bf12684d686f443190c5e92941d02198896e6314801ae4025b15192c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3abaa111...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=c40f7f39bf12684d686f443190c5e92941d02198896e6314801ae4025b15192c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e3ab...
  • https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?tpid=42&gdpr=0&tpuid=6151762475443971495
49 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?tpid=42&gdpr=0&tpuid=6151762475443971495
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:22 GMT
server
nginx
location
https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?tpid=42&gdpr=0&tpuid=6151762475443971495
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame AEDA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=336d0699-7973-488e-a7fa-fd59b383ba7a&gdpr=0
49 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=336d0699-7973-488e-a7fa-fd59b383ba7a&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:21 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=336d0699-7973-488e-a7fa-fd59b383ba7a&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1755564
content-length
0
expires
Sat, 11 Jun 2022 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame AEDA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=5caf944ad6e740d5fd073be9...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=71d962a4-1175-4e00-9968-c555725fe15d&gdpr=0&gdpr_consent=
49 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=71d962a4-1175-4e00-9968-c555725fe15d&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Sat, 11 Jun 2022 03:52:22 GMT
Server
MT3 4447 e18e916 master zrh-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=71d962a4-1175-4e00-9968-c555725fe15d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 11 Jun 2022 03:52:21 GMT
img
ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/ Frame AEDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=f32b1ea4fe62f791c8b2031d5281731c2e59ec3b367c38354d2be11061c4e544&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5...
  • https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?uid=f32b1ea4fe62f791c8b2031d5281731c2e59ec3b367c38354d2be11061c4e544&tpid=38&gdpr=0&tpuid=CAESEOGbQ-eI10W-7Yk2ybaUOyE...
49 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?uid=f32b1ea4fe62f791c8b2031d5281731c2e59ec3b367c38354d2be11061c4e544&tpid=38&gdpr=0&tpuid=CAESEOGbQ-eI10W-7Yk2ybaUOyE&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 11 Jun 2022 03:52:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/img?uid=f32b1ea4fe62f791c8b2031d5281731c2e59ec3b367c38354d2be11061c4e544&tpid=38&gdpr=0&tpuid=CAESEOGbQ-eI10W-7Yk2ybaUOyE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/ Frame AEDA
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=50cb7cfb03626774cd6e5299f6505d30d08f0ff00e09603f38714f7a22a5c6db&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb2da54e...
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=50cb7cfb03626774cd6e5299f6505d30d08f0ff00e09603f38714f7a22a5c6db&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4c5592bb...
  • https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/js?tpid=48&tpuid=6a6cbcc512784b211fc887e43b2c4521
44 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/js?tpid=48&tpuid=6a6cbcc512784b211fc887e43b2c4521
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
448aacef485ae3239a33e690a0268d5435c5a42c9f7e8cf75461c79c187315d9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:23 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

location
https://ih.adscale.de/sium/4c5592bb2da54e3abaa11118f0779db3/1654919541203/0/js?tpid=48&tpuid=6a6cbcc512784b211fc887e43b2c4521
date
Sat, 11 Jun 2022 03:52:22 GMT
content-type
text/plain; charset=utf-8
content-length
147
vary
Accept
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sium
ih.adscale.de/ Frame AEDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.201.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Sat, 11 Jun 2022 03:52:23 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
ADonM5Dy8ATOx2jnEcJKm47VS8S1NopW0ARKi1mZ.jpeg
hyser.ua/crops/1b1f17/150x100/2/0/2022/06/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/1b1f17/150x100/2/0/2022/06/10/ADonM5Dy8ATOx2jnEcJKm47VS8S1NopW0ARKi1mZ.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76532804b1955a343905cf7704764b65be15a3d453b1ebbfb62ce5832a95b113

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:26 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 14:59:09 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3Lsw1J%2F9%2FCPrWbQBmOrsQDCakpF8tGyEcdXgKOihmLbb%2FTqxZI2YDp%2ByfyDeK5wd2Eq6Iehhpvke2xWYAmFpD4i71Ha%2B7cSl%2FUzkPUtKwB98IKjZIcAtx%2BN3M6z4OfNgpsrr%2BkebA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764db689e375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6879
iMfpmZF7vN4cH1OnUf3CEkiCYWoRVsfP8moA2Yds.jpeg
hyser.ua/crops/72589e/735x400/2/0/2022/06/09/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hyser.ua/crops/72589e/735x400/2/0/2022/06/09/iMfpmZF7vN4cH1OnUf3CEkiCYWoRVsfP8moA2Yds.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79620a9e19de4a75bb8962281f414a70df847b2474fc8745d4d83968a831ae3d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hyser.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:52:26 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 13:38:50 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEX9PSGvUoM4X%2FEgDySFqCAGcNZxcZO0qy147Pmy17ILNFqIUsOJjEYRnAjPa5Yp%2Bc9QksugvuP2hdQKzJLXZRlK4T6a%2FdHrtFCb95%2B2G5duE94rjnA4TJ9iIpGfFHAGfIt4%2B9u%2F0g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
719764dba8c6375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35701

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| dataLayer object| adsinserter function| initAi function| BM_Draw number| f string| x object| bmScript object| bmN object| bmD object| bs object| bm object| bmS string| r object| __CF$cv$params object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _getstat object| regeneratorRuntime object| aicb boolean| __aiLoaded object| gaplugins object| gaGlobal object| gaData object| BM_STAT object| notsyCmd object| googletag object| ggeac object| google_js_reporting_queue function| notsy_pbChunk object| notsy_pb object| _pbjsGlobals function| notsyInit function| notsyInitUnit function| notsyDisableUnit function| notsyDisableRefreshOnUnit function| notsyReEnableRefreshOnUnit function| notsyRemoveAllAds function| notsyDisableRefresh object| notsyAdVideo object| Criteo object| notsyAdVideoServices undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| google_image_requests

23 Cookies

Domain/Path Name / Value
hyser.ua/ Name: b
Value: b
.hyser.ua/ Name: _gs_lp
Value: 2a0c975e
.hyser.ua/ Name: _gs_d
Value: 1
.hyser.ua/ Name: _gs_sd
Value: 1
.hyser.ua/ Name: _gs_s
Value:
.hyser.ua/ Name: _gs_ul
Value: 62a41170
.hyser.ua/ Name: _gs_ss
Value:
.hyser.ua/ Name: _ga
Value: GA1.2.626732754.1654919536
.hyser.ua/ Name: _gid
Value: GA1.2.322754783.1654919536
.hyser.ua/ Name: _gat_UA-63174230-1
Value: 1
.s.getstat.net/ Name: _gs_ui
Value: dc9990f5-030d-453e-a6bd-f846b8bacb26
.s.getstat.net/ Name: _gs_si
Value: 5f70d57e29ac4ff4
.hyser.ua/ Name: __cf_bm
Value: iUHJOzJxU6iog6RGNApQkMJzBJGZi6gZZCEeqTRRloI-1654919536-0-Af+kGatGRORIj8lLfOGNS6vbGPG4vRj5Ef3ZK+WmL1S7MeO1vHlYs9Wj9fRMDNg++CqYpFd64wWMXoCBFvhiRXotLkA9HNz5HEz2xK4nVfmvcmPrTdWXNSkQQg9sLibhfQ==
hyser.ua/ Name: notsy_session_counter
Value: 1
.adnxs.com/ Name: icu
Value: ChgInql9EAoYASABKAEw8KKQlQY4AUABSAEQ8KKQlQYYAA..
.adnxs.com/ Name: uuid2
Value: 8115621938264826016
.rubiconproject.com/ Name: khaos
Value: L49CD2Q0-1K-6SBY
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrtQfd9MMz9Z1qbBgMWySGKoH1GQZR6kujeqqfd8c6ZzVoupRrT8qPf2J+X9ZSb+aEmGweUluV0N0Xw9PyuwhrFpmvllXEtYN4=
a4p.adpartner.pro/ Name: apuid
Value: f1f74ade-0b80-47e6-9171-59df670ca516
.criteo.com/ Name: uid
Value: 336d0699-7973-488e-a7fa-fd59b383ba7a
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hyser.ua/ Name: __gads
Value: ID=8803e64b2b299d55-2251c988aecd0050:T=1654919537:S=ALNI_Mb17nk17q5BRXXa8GLHb4XJSqk45w
.hyser.ua/ Name: cto_bundle
Value: 6Gg12V9RQkNMQnBIY3BrWHF5ZW1lWHRnTWI2cVBGaHF4MFNPQ29lWUJoRmQxVTZUdE5hMiUyQktIR2FhdFolMkJNdVRFT2hpMldhclRnbGZSVFgyTzhPWDIzT1VUWWthZkZxazF5MlViVSUyRjRtWCUyQjRvTThlVHdLZGt6RFo4TG8lMkJmRk9IMEdtYXQzSGlmcm04QUZGdmduTUxxQUEwU3RBJTNEJTNE

1 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.yahoo.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
aixcdn.com
b6021225a189dcce610e14e44d0abf75.safeframe.googlesyndication.com
bbnaut.ibillboard.com
bidder.criteo.com
c.aixcdn.com
c.bigmir.net
cdn-b.notsy.io
cdn.getpush.net
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
csync.loopme.me
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
ghb.adtelligent.com
gum.criteo.com
hyser.ua
ib.adnxs.com
id.rlcdn.com
ih.adscale.de
js.adscale.de
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
rtb.openx.net
s.console.adtarget.com.tr
s.getstat.net
securepubads.g.doubleclick.net
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.mathtag.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking-a.dsp.m6r.eu
tracking.m6r.eu
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
13.248.245.213
142.250.184.194
178.250.0.157
178.250.0.163
178.250.0.165
185.152.64.17
185.29.132.241
185.33.221.53
193.239.68.97
194.213.62.37
209.205.197.154
23.205.235.133
23.227.139.243
23.35.236.188
23.35.236.247
23.88.75.186
2600:9000:21f3:8400:f:4f64:8940:93a1
2602:803:c003:200::21
2606:4700:3030::ac43:a0b5
2606:4700:3031::ac43:b689
2606:4700:3034::6815:5f33
2606:4700::6810:5914
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:800::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9a
2a02:2638:1::13
2a02:2638::3
2a05:d018:d29:3601:6b06:26e1:4300:34b
2a06:8640:852:0:ec4:7aff:fe91:19a
2a06:98c1:3121::3
3.124.13.195
3.66.201.109
35.227.252.103
35.244.174.68
35.71.131.137
37.157.4.23
37.157.4.25
52.210.88.151
52.29.145.136
52.94.223.37
54.38.197.123
69.173.144.139
69.173.144.165
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08a42893ca8fdd0804f305fa6daa0c49417101ca0f9a6455a7cbc4e63a8b8d70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e55e331c84e7dd7daf6b6c11f5521fa0891c5403e9979d9e55fbd5fe4e09df7
18dc3216d23dacf30cb2522fb265703b9b057d2e743413bee266bad671379ca4
1b67c901bd12ae2e069e865a638b97b9b22214a290ebf04aa8c187b1902e6315
1ccd091aa07c56cb285370c978b30ac9aab7a0e7a3f865dc8ddb8307b97ac715
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25fd2952483aecbfe34845b72131ae10757b89f7e1a6d87df36477d3879bfd06
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
30a295723bf1f67a34a1a4f9fc7f3bba1d8eacf7241ff88a8bde5cbe3d29dc07
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
3847336e9ccb91a3bf9b5df8051453cee5c2c506d3945f0863a84409cf2d4b0c
3ba93549874225cdc466d3709ce49485ff362e4371f39a8ccc849c3e356a8b85
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3cb5ab845891ae849b37550c66899b7b9f7159e802b49724444dda65d4db03a9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e6fb068386858c3a6d5d42eef9cc6b430acc14d2f571d8bcefb234b9a531653
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
448aacef485ae3239a33e690a0268d5435c5a42c9f7e8cf75461c79c187315d9
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
4914f928e22ae90757130515612f04ae9fee134e9e25a445ee83e17d6586d44b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc
50751afb202533244586716dc039eb6eeb1c0577be5077d6a805ae20dde1d2bf
52afcadfb3a991f43070dc0fa45eb07defa328a37ef809da1ac2d190c0ef75b3
535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5edbb8dcaa1f00e81f3bf02059f7156d1c670a8d488e119c2a4842f4734b1734
5f57bf5f97e3205cbbdb160cd689db1b6fcc2db4ea80b7e3c5591a948af32a55
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e487193d1b9eb2d9d2123473f3c0c80ca7361bee68c030b6ac2e2aa4b4d7ce
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6eca14e872c8b7d0fa7da30fa61b81a94f1003bc3c2f945604af385960f1e39b
72ec618723da6d0be7eeda72a1842f3b6925229960b5b31aa54f38b10041dda7
76532804b1955a343905cf7704764b65be15a3d453b1ebbfb62ce5832a95b113
79620a9e19de4a75bb8962281f414a70df847b2474fc8745d4d83968a831ae3d
79fcff3bfc8b3506816b8357ee57156955680dc5170c610bd4539d34300b563e
7a025a6192967b25d8a095f2cc77e000afec0b1dc3c73ea4769028595f25c479
8074d53bf18a06aa5618ded643481db00ec1c9b6a2ba394f550a8a8aeb0ecd4c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
910f536bcf07ac961cc4979839243a5e4282f41f5700915bd49c24e6987750cc
9673280ba73bf9ff38f9d7892012d34e9e7ffd64dee254a7f52449ae5360a391
9871835450ede758ecad9f339ebaebb882fd9aabb0ccf35d1c15b46791b314a2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a957b8f6a5181dbe1c485cb0837f7c4b0cc1b314efbf7846c7100933d201e1eb
a9bcbd402d710c2416d3de3c75672759cf4daf3ff4a7b48f9d92193403038447
add6f75033fc08572bad2d5aa0da1992593b3ab41d1effa000bbb309b80852c7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b49a3740206719c42659543bd020656ca4d1ce1f2c2984858bb46ac7f9543edc
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcf7f9cd94777cef9b138bb712d480c133644e4d37dd4e5443b4b42dea7e32a9
bd6e681e009391e0838a0f1eb234928ebea3b228731e17e94f4f00a34cfb61ea
be318e77bfde25dbfbf28093945f807cb7450e6e99d4ba1b7c253b00ec31bf9d
c02889abfef54353507d98c9dafc3748cdd9971a25d03248032a183f9c80476d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2457b3259b6125151889823525019f87046a456ae572910cc549e5c8172facd
c4b200208edbc6c11efc9283229b997c73dab213c23dee23bb2802346c437941
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d2072047d454dbd035b63cdf8dfdc3b150b047e9660f721cb11d7f0bf4d12772
d37f3c2774902cd5a3a595131166f92dec5b4334ed734314554974af119d58ae
d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf
d5e2e8afa3450f7688ca73bd2cdfe40214eb70a1d0abbcce3e58f7b8a673c054
da424d28f565961b8c1f303bfa5f8547b38dc6499aaa87c377739ca7e9969e3d
db8b13f1c9a2cf144651ef0f4bbe1c264d184f579709f71d992b17eb0efe0991
dc2f213abd342860a4d39295fe692b9bde00b92afba549dc351df53ea50599b5
dd8aa467617bed0dab37b96391f9ccbf182683987b1c74ddcf62be5ef5127b8d
ddd98d01a833cc73d151cb09112775dec0af6f13b059835b9baea6cd9a31bf17
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e196a8bd26ef69574a221c1378024e9e865ec865eff0aae979a3b49387abd68b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec6533597b9cfe5c936ed998760efacecd0967a68b93a38cfde85ef7908370e0
ed8e936dea3b61f608d1065adfd9b0ccc2b85b9c6d813fa86964bf605448a4c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17f658a7e0371d96e3cb85fd510deb02c061e971770a6df824c469118a36885
f2292fada657d1b489e24b708c5409cb4ae784d8a26d5544d156718afb5308c1
f948747c57edbc6c51529946f6a5a86a7471d175aced8920f37eb882bb35f7a2
ff4fda943fbb0159d12cab77b48fc66071080c34cedd7f4f1297c6b9efffb7cb
ff5b0d3fb66832925d890dd59615c8948ee040f232bf9bf16693da1521e59e3e