urlscan.io logo urlscan.io
SecurityTrails logo

subject.com.ua Open in urlscan Pro
31.131.26.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://subject.com.ua/
Effective URL: https://subject.com.ua/
Submission: On September 23 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 108 IPs in 17 countries across 95 domains to perform 670 HTTP transactions. The main IP is 31.131.26.2, located in Ukraine and belongs to VPS-UA-AS, UA. The main domain is subject.com.ua.
TLS certificate: Issued by R3 on August 11th 2022. Valid for: 3 months.
This is the only time subject.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 31.131.26.2 56851 (VPS-UA-AS)
1 2600:9000:223... 16509 (AMAZON-02)
40 2a00:1450:400... 15169 (GOOGLE)
6 51.91.60.38 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
6 2a03:90c0:41:... 199524 (GCORE)
5 172.64.104.3 13335 (CLOUDFLAR...)
3 14 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 52.222.214.2 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::485 54113 (FASTLY)
9 27 37.252.173.38 29990 (ASN-APPNEX)
6 54.36.238.155 16276 (OVH)
6 185.184.8.90 204995 (RTB-HOUSE...)
41 2606:4700:10:... 13335 (CLOUDFLAR...)
16 51.75.86.98 16276 (OVH)
6 198.47.127.22 3257 (GTT-BACKB...)
6 178.250.0.165 44788 (ASN-CRITE...)
9 52.28.123.190 16509 (AMAZON-02)
11 212.77.99.29 12827 (WIRTUALNA...)
5 12 147.75.85.234 54825 (PACKET)
8 37.157.6.247 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
13 54.39.16.115 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
53 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 172.64.105.3 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
39 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 6 2600:9000:223... 16509 (AMAZON-02)
10 34 142.250.185.226 15169 (GOOGLE)
3 8 213.19.147.44 3356 (LEVEL3)
3 3 76.223.111.18 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
3 3 193.0.160.128 54312 (ROCKETFUEL)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
4 31 104.18.19.126 13335 (CLOUDFLAR...)
1 2 52.18.137.235 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
15 15.235.42.79 16276 (OVH)
4 2600:9000:236... 16509 (AMAZON-02)
6 172.217.18.2 15169 (GOOGLE)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
5 5 3.126.157.114 16509 (AMAZON-02)
1 159.203.145.121 14061 (DIGITALOC...)
3 185.86.137.121 201081 (SMARTADSE...)
3 3 37.252.173.62 29990 (ASN-APPNEX)
5 2a00:1450:400... 15169 (GOOGLE)
2 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
9 2600:1f18:1ac... 14618 (AMAZON-AES)
2 3 2001:678:cb4:... 56396 (AMOBEE)
2 2 185.29.134.248 30419 (MEDIAMATH...)
2 2 35.190.0.66 15169 (GOOGLE)
2 35.186.253.211 15169 (GOOGLE)
3 3 34.193.201.64 14618 (AMAZON-AES)
1 1 35.205.207.25 396982 (GOOGLE-CL...)
3 4 185.94.180.125 35220 (SPOTX-AMS)
10 10 3.126.56.137 16509 (AMAZON-02)
4 4 3.121.84.223 16509 (AMAZON-02)
1 35.72.52.63 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 5 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
3 15.197.193.217 16509 (AMAZON-02)
6 23.35.236.188 16625 (AKAMAI-AS)
10 23.35.236.201 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
2 37.157.6.245 198622 (ADFORM)
2 66.155.71.150 13768 (COGECO-PEER1)
1 1 18.159.233.219 16509 (AMAZON-02)
5 212.77.98.32 12827 (WIRTUALNA...)
5 35.158.53.117 16509 (AMAZON-02)
10 10 44.199.43.130 14618 (AMAZON-AES)
5 216.52.2.30 30282 (AS-INAPCD...)
10 12 188.42.196.115 7979 (SERVERS-COM)
5 162.19.138.118 16276 (OVH)
5 5 23.35.228.23 16625 (AKAMAI-AS)
5 5 23.75.240.210 16625 (AKAMAI-AS)
11 23.205.235.133 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 4 52.46.143.56 16509 (AMAZON-02)
1 1 70.42.32.159 13789 (INTERNAP-...)
2 2 135.125.160.77 16276 (OVH)
3 2a05:d018:d29... 16509 (AMAZON-02)
2 52.48.144.255 16509 (AMAZON-02)
2 34.243.140.211 16509 (AMAZON-02)
1 2 34.249.157.182 16509 (AMAZON-02)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 151.101.66.49 54113 (FASTLY)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 104.18.18.126 13335 (CLOUDFLAR...)
1 1 169.50.137.190 36351 (SOFTLAYER)
2 2 37.157.5.142 198622 (ADFORM)
1 1 185.183.112.155 60350 (VP)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 63.251.232.165 32475 (SINGLEHOP...)
1 1 34.95.81.168 15169 (GOOGLE)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.111.151.213 15169 (GOOGLE)
1 193.108.153.18 20940 (AKAMAI-ASN1)
5 69.173.144.139 26667 (RUBICONPR...)
1 8.43.72.97 26667 (RUBICONPR...)
1 108.177.15.157 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 185.172.90.251 49981 (WORLDSTREAM)
1 2602:803:c003... 26667 (RUBICONPR...)
1 185.184.10.30 203690 (RTB-HOUSE...)
5 88.99.28.61 24940 (HETZNER-AS)
1 185.86.137.17 201081 (SMARTADSE...)
1 52.208.181.213 16509 (AMAZON-02)
1 50.31.142.255 23352 (SERVERCEN...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 142.250.185.130 15169 (GOOGLE)
1 104.18.24.121 ()
670 108
4    31.131.26.2 (Ukraine)

ASN56851 (VPS-UA-AS, UA)
PTR: valerym.sv
subject.com.ua
1    2600:9000:223c:c000:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
40    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    51.91.60.38 (France)

ASN16276 (OVH, FR)
tag.eu.dev2pub.com
api.eu.dev2pub.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
2    2600:9000:225e:be00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
6    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
cdn.somplo.com
adserve.somplo.com
5    172.64.104.3 (United States)

ASN13335 (CLOUDFLARENET, US)
a.vdo.ai
14    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
17    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
30    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
17    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
1    52.222.214.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-2.fra56.r.cloudfront.net
optad360.mgr.consensu.org
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
27    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
6    54.36.238.155 (France)

ASN16276 (OVH, FR)
PTR: ip155.ip-54-36-238.eu
rtb.adxpremium.services
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
41    2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
16    51.75.86.98 (Istanbul, Turkey)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
6    198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
6    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
9    52.28.123.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-123-190.eu-central-1.compute.amazonaws.com
d.vidoomy.com
a-prebid.vidoomy.com
a.vidoomy.com
11    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
12    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
8    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
13    54.39.16.115 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns555277.ip-54-39-16.net
analytics.vdo.ai
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
53    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
1    172.64.105.3 (United States)

ASN13335 (CLOUDFLARENET, US)
targeting.vdo.ai
4    2a00:1450:400e:803::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
39    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2607:f8b0:4008:808::2003 (Highland Park, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2a00:1450:4009:4::6 (London, United Kingdom)

ASN15169 (GOOGLE, US)
r1---sn-aigl6ns6.gvt1.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
6    2600:9000:223f:d000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
34    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
8    213.19.147.44 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
3    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
p.rfihub.com
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
31    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    52.18.137.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-137-235.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
15    15.235.42.79 (Canada)

ASN16276 (OVH, FR)
PTR: ns5011080.ip-15-235-42.net
h5.vdo.ai
4    2600:9000:236e:bc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
6    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    3.126.157.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-157-114.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
3    185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
3    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
5    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
9    2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    34.193.201.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-201-64.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
10    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    3.121.84.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-84-223.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.72.52.63 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-52-63.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
5    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
10    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    18.159.233.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-233-219.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
5    212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl
std.wpcdn.pl
5    35.158.53.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-53-117.eu-central-1.compute.amazonaws.com
match.sharethrough.com
10    44.199.43.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-43-130.compute-1.amazonaws.com
ssp.disqus.com
5    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
12    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
5    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
5    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
hbx.media.net
5    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
11    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
gu.dyntrk.com
3    2a05:d018:d29:3601:2273:7c14:b4f4:8de8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    52.48.144.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-144-255.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    34.243.140.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-140-211.eu-west-1.compute.amazonaws.com
d.adroll.com
2    34.249.157.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-157-182.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
4    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    34.95.81.168 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    193.108.153.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    108.177.15.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f157.1e100.net
bid.g.doubleclick.net
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4009:14::6 (London, United Kingdom)

ASN15169 (GOOGLE, US)
r1---sn-aigzrnse.c.2mdn.net
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    185.172.90.251 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net
pbjs.e-planning.net
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
5    88.99.28.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.61.28.99.88.clients.your-server.de
ssp.otm-r.com
1    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
1    52.208.181.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-181-213.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    50.31.142.255 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1h.zemanta.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
ade.googlesyndication.com
1    104.18.24.121 (None, )

ASN- ()
csync.smilewanted.com
Apex Domain
Subdomains		 Transfer
103 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 288
1 MB
83 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
pubads.g.doubleclick.net — Cisco Umbrella Rank: 437
bid.g.doubleclick.net — Cisco Umbrella Rank: 428
511 KB
41 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
gcdn.2mdn.net — Cisco Umbrella Rank: 955
r1---sn-aigzrnse.c.2mdn.net — Cisco Umbrella Rank: 185154
789 KB
41 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 11028
sync.quantumdex.io — Cisco Umbrella Rank: 5385
8 KB
36 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
secure.adnxs.com — Cisco Umbrella Rank: 432
acdn.adnxs.com — Cisco Umbrella Rank: 611
112 KB
35 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
30 KB
34 vdo.ai
a.vdo.ai — Cisco Umbrella Rank: 19685
analytics.vdo.ai — Cisco Umbrella Rank: 18616
targeting.vdo.ai — Cisco Umbrella Rank: 21902
h5.vdo.ai — Cisco Umbrella Rank: 23807
3 MB
24 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910
eus.rubiconproject.com — Cisco Umbrella Rank: 564
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 796
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
56 KB
22 google.com
cse.google.com — Cisco Umbrella Rank: 2467
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 75
clients1.google.com — Cisco Umbrella Rank: 384
171 KB
17 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
ads.pubmatic.com — Cisco Umbrella Rank: 462
image6.pubmatic.com — Cisco Umbrella Rank: 648
59 KB
17 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
16 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
2 KB
15 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 774
static.adsafeprotected.com — Cisco Umbrella Rank: 575
dt.adsafeprotected.com — Cisco Umbrella Rank: 527
128 KB
14 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
10 KB
13 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
3 KB
13 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
141 KB
12 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2092
7 KB
12 adform.net
adx.adform.net — Cisco Umbrella Rank: 3891
cm.adform.net — Cisco Umbrella Rank: 1589
c1.adform.net — Cisco Umbrella Rank: 637
4 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
2 KB
11 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 8400
2 KB
10 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2279
3 KB
9 vidoomy.com
d.vidoomy.com — Cisco Umbrella Rank: 9690
a-prebid.vidoomy.com — Cisco Umbrella Rank: 14178
a.vidoomy.com — Cisco Umbrella Rank: 9293
2 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
349 KB
7 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6489
prebid-us.creativecdn.com — Cisco Umbrella Rank: 12794
1 KB
7 googleapis.com
www.googleapis.com — Cisco Umbrella Rank: 26
imasdk.googleapis.com — Cisco Umbrella Rank: 424
fonts.googleapis.com — Cisco Umbrella Rank: 40
337 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1048
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3043
576 B
6 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 696
2 KB
6 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7910
9 KB
6 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 5376
www.google.co.uk — Cisco Umbrella Rank: 3335
2 KB
6 dev2pub.com
tag.eu.dev2pub.com — Cisco Umbrella Rank: 273381
api.eu.dev2pub.com — Cisco Umbrella Rank: 186652
585 KB
5 otm-r.com
ssp.otm-r.com — Cisco Umbrella Rank: 106513
sync.dmp.otm-r.com Failed
1 KB
5 media.net
hbx.media.net — Cisco Umbrella Rank: 1441
2 KB
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 463
5 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
1 KB
5 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 549
171 B
5 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 8935
80 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
109 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
3 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
3 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
3 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 563
2 KB
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 396
rtb.openx.net — Cisco Umbrella Rank: 1505
833 B
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 873
ww1097.smartadserver.com — Cisco Umbrella Rank: 29960
781 B
4 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 48085
84 KB
4 subject.com.ua
subject.com.ua
34 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1785
mp.4dex.io — Cisco Umbrella Rank: 2010
24 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
917 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
r.turn.com — Cisco Umbrella Rank: 3229
1 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2536
953 B
3 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 2958
p.rfihub.com — Cisco Umbrella Rank: 728
3 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 407
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
124 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 47070
get.optad360.io — Cisco Umbrella Rank: 29701
279 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 5593
s.e-planning.net Failed
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
2 KB
2 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1453
361 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 488
866 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1315
843 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
b1h.zemanta.com — Cisco Umbrella Rank: 4948
429 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 593
382 B
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 14012
567 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
1 KB
2 somplo.com
cdn.somplo.com — Cisco Umbrella Rank: 34888
adserve.somplo.com — Cisco Umbrella Rank: 34413
48 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1077
344 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
54 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 826
s.tribalfusion.com — Cisco Umbrella Rank: 2209
1 KB
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 1829
r1---sn-aigl6ns6.gvt1.com — Cisco Umbrella Rank: 445356
924 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
58 KB
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 683
168 B
1 smilewanted.com
prebid.smilewanted.com Failed
csync.smilewanted.com
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 752
810 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1727
349 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
362 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 3509
269 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1407
408 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 423
507 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1379
300 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
621 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2448
182 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
178 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1037
178 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6558
322 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3200
44 B
1 avads.net
ads.avads.net — Cisco Umbrella Rank: 26899
442 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 2535
134 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
825 B
1 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5392
233 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
646 B
1 consensu.org
optad360.mgr.consensu.org — Cisco Umbrella Rank: 49739
3 KB
0 bumlam.com Failed
sync.bumlam.com Failed
0 adhigh.net Failed
px.adhigh.net Failed
0 zeotap.com Failed
spl.zeotap.com Failed
670 95
Domain Requested by
53 tpc.googlesyndication.com googleads.g.doubleclick.net
subject.com.ua
tpc.googlesyndication.com
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
imasdk.googleapis.com
40 pagead2.googlesyndication.com subject.com.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
39 s0.2mdn.net tpc.googlesyndication.com
subject.com.ua
imasdk.googleapis.com
s0.2mdn.net
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
35 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
34 cm.g.doubleclick.net 10 redirects f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
subject.com.ua
googleads.g.doubleclick.net
27 ib.adnxs.com 9 redirects get.optad360.io
googleads.g.doubleclick.net
acdn.adnxs.com
tag.eu.dev2pub.com
26 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
subject.com.ua
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
23 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
17 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
subject.com.ua
16 onetag-sys.com get.optad360.io
sync.quantumdex.io
tag.eu.dev2pub.com
15 h5.vdo.ai subject.com.ua
a.vdo.ai
14 www.google.com 3 redirects cse.google.com
www.google.com
subject.com.ua
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
tpc.googlesyndication.com
13 analytics.vdo.ai a.vdo.ai
12 ads.betweendigital.com 10 redirects tag.eu.dev2pub.com
12 prebid.a-mo.net 5 redirects get.optad360.io
tag.eu.dev2pub.com
12 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
subject.com.ua
11 eus.rubiconproject.com sync.quantumdex.io
eus.rubiconproject.com
tag.eu.dev2pub.com
11 ssp.wp.pl get.optad360.io
10 ssp.disqus.com 10 redirects
10 ads.pubmatic.com get.optad360.io
sync.quantumdex.io
10 ups.analytics.yahoo.com 10 redirects
9 dt.adsafeprotected.com f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
8 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
8 www.googletagservices.com googleads.g.doubleclick.net
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
8 adx.adform.net get.optad360.io
tag.eu.dev2pub.com
7 www.gstatic.com googleads.g.doubleclick.net
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
6 acdn.adnxs.com get.optad360.io
tag.eu.dev2pub.com
6 googleads4.g.doubleclick.net subject.com.ua
googleads.g.doubleclick.net
6 s.ad.smaato.net 1 redirects sync.quantumdex.io
6 f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 d.vidoomy.com get.optad360.io
6 bidder.criteo.com get.optad360.io
6 hbopenbid.pubmatic.com get.optad360.io
6 useast.quantumdex.io get.optad360.io
6 prebid-eu.creativecdn.com get.optad360.io
6 rtb.adxpremium.services get.optad360.io
5 ssp.otm-r.com tag.eu.dev2pub.com
5 token.rubiconproject.com eus.rubiconproject.com
5 secure-assets.rubiconproject.com 5 redirects
5 usermatch.targeting.unrulymedia.com sync.quantumdex.io
5 hbx.media.net 5 redirects
5 id5-sync.com sync.quantumdex.io
5 ap.lijit.com sync.quantumdex.io
5 match.sharethrough.com sync.quantumdex.io
5 std.wpcdn.pl ssp.wp.pl
5 gum.criteo.com 2 redirects static.criteo.net
tag.eu.dev2pub.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 x.bidswitch.net 5 redirects ads.betweendigital.com
5 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
5 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
5 a.vdo.ai subject.com.ua
a.vdo.ai
4 ade.googlesyndication.com
4 dsum.casalemedia.com ssum-sec.casalemedia.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 pm.w55c.net 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 static.adsafeprotected.com fw.adsafeprotected.com
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
4 csi.gstatic.com www.gstatic.com
imasdk.googleapis.com
4 fonts.googleapis.com googleads.g.doubleclick.net
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 api.eu.dev2pub.com tag.eu.dev2pub.com
4 cdn.admixer.net subject.com.ua
cdn.admixer.net
4 subject.com.ua 1 redirects subject.com.ua
3 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
3 match.adsrvr.org get.optad360.io
ssum-sec.casalemedia.com
3 mug.criteo.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 sync.srv.stackadapt.com 3 redirects
3 secure.adnxs.com 3 redirects
3 ssbsync.smartadserver.com f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
3 an.yandex.ru 2 redirects subject.com.ua
3 eb2.3lift.com 3 redirects
3 www.googletagmanager.com subject.com.ua
a.vdo.ai
www.googletagmanager.com
2 pbjs.e-planning.net 1 redirects
2 script.4dex.io tag.eu.dev2pub.com
script.4dex.io
2 c1.adform.net 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 d.adroll.com ssum-sec.casalemedia.com
2 match.prod.bidr.io ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 pixel-sync.sitescout.com ssum-sec.casalemedia.com
2 cm.adform.net
2 a-prebid.vidoomy.com
2 rtb.openx.net f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
2 ads.travelaudience.com 2 redirects
2 sync.mathtag.com 2 redirects
2 ad.turn.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 www.youtube.com a.vdo.ai
www.youtube.com
2 fw.adsafeprotected.com 1 redirects subject.com.ua
2 a.rfihub.com 2 redirects
2 sync.1rx.io 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 static.criteo.net get.optad360.io
static.criteo.net
2 imasdk.googleapis.com a.vdo.ai
imasdk.googleapis.com
2 get.optad360.io subject.com.ua
get.optad360.io
2 cse.google.com subject.com.ua
www.google.com
2 tag.eu.dev2pub.com subject.com.ua
tag.eu.dev2pub.com
1 csync.smilewanted.com tag.eu.dev2pub.com
1 mp.4dex.io tag.eu.dev2pub.com
1 b1h.zemanta.com tag.eu.dev2pub.com
1 ad.360yield.com tag.eu.dev2pub.com
1 ww1097.smartadserver.com tag.eu.dev2pub.com
1 prebid-us.creativecdn.com tag.eu.dev2pub.com
1 fastlane.rubiconproject.com tag.eu.dev2pub.com
1 r1---sn-aigzrnse.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 csync.loopme.me 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 pixel.quantserve.com 1 redirects
1 sync.adotmob.com 1 redirects
1 um.simpli.fi 1 redirects
1 casale-match.dotomi.com 1 redirects
1 sync-tm.everesttech.net ssum-sec.casalemedia.com
1 sync.taboola.com 1 redirects
1 p.rfihub.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 a.vidoomy.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 pixel.rubiconproject.com
1 cc.adingo.jp f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
1 adserve.somplo.com cdn.somplo.com
1 ads.avads.net 1 redirects
1 r.turn.com subject.com.ua
1 cdn.somplo.com googleads.g.doubleclick.net
1 cs.chocolateplatform.com f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
1 px.ads.linkedin.com 1 redirects
1 rtb2-useast.e-volution.ai f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 s.tribalfusion.com subject.com.ua
1 a.tribalfusion.com 1 redirects
1 r1---sn-aigl6ns6.gvt1.com f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
1 redirector.gvt1.com 1 redirects
1 targeting.vdo.ai a.vdo.ai
1 www.google.co.uk subject.com.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.jsdelivr.net get.optad360.io
1 clients1.google.com subject.com.ua
1 www.googleapis.com subject.com.ua
1 partner.googleadservices.com pagead2.googlesyndication.com
1 optad360.mgr.consensu.org subject.com.ua
1 cmp.optad360.io subject.com.ua
0 sync.bumlam.com Failed ads.betweendigital.com
0 px.adhigh.net Failed ads.betweendigital.com
0 sync.dmp.otm-r.com Failed ads.betweendigital.com
0 spl.zeotap.com Failed tag.eu.dev2pub.com
0 s.e-planning.net Failed tag.eu.dev2pub.com
0 prebid.smilewanted.com Failed tag.eu.dev2pub.com
670 154
Subject Issuer Validity Valid
subject.com.ua
R3		 2022-08-11 -
2022-11-09		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
tag.eu.dev2pub.com
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
optad360.mgr.consensu.org
Amazon		 2022-05-23 -
2023-06-21		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-10 -
2023-03-15		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
api.eu.dev2pub.com
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.vdo.ai
Go Daddy Secure Certificate Authority - G2		 2022-08-19 -
2023-09-20		 a year crt.sh
www.google.co.uk
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2021-09-13 -
2022-10-14		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
cs.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2022-09-21 -
2022-12-20		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.somplo.com
Go Daddy Secure Certificate Authority - G2		 2021-12-29 -
2023-01-30		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-14		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-13 -
2023-05-15		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
s.ad.smaato.net
Amazon		 2022-08-22 -
2023-09-20		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2022-08-10 -
2023-09-08		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.otm-r.com
AlphaSSL CA - SHA256 - G2		 2022-05-27 -
2023-06-28		 a year crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh

This page contains 96 frames:

Primary Page: https://subject.com.ua/
Frame ID: C2A5DF8ED905AA45FA66200C8A859B38
Requests: 209 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
Frame ID: 8761881708E556C3D701B7CFF8E2B419
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&adk=1812271804&adf=3025194257&lmt=1663900920&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsubject.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920183&bpp=2&bdt=370&idt=128&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2576454272549&frm=20&pv=2&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142
Frame ID: A8FF1032185EEA219772A9A934CD0CB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Frame ID: 9ADBC2779BE89439C3EF7917D380BD8E
Requests: 11 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 4A2B3F9D80E59A0B8261AFD09C5ED04D
Requests: 1 HTTP requests in this frame

Frame: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 48F3B5C7BB66E277136E6ABF57AB2C9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7D227D26D0E9025E8F185BD9466C0F6D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Frame ID: F579E8301A64C35F6F662BB92006A5AD
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2118017991491662970/index.html
Frame ID: 71754A503A7A81993A702C6B8E93DFE9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Frame ID: EBBCD925ADA20A49108981A0884D1455
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D766A7582AF3424A77197F8AE6E75582
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1BBCDA429ABDEEDCFA136F63BA867A4A
Requests: 2 HTTP requests in this frame

Frame: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8010E09810F352C39A871A35B95E0A10
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Frame ID: 71F8CEFB0150C63746B502B892D8EACA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7AC956559C606E77142162F5152851A2
Requests: 9 HTTP requests in this frame

Frame: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 709D531F512DE2056F93599E61B5E3AF
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmZKBDJv5SCAhj_hOrTATAB&v=APEucNU1GgYPn1bBQUq2TDWxZAdzM3tMUduwV8fjuRBrqWZlPOlWiH9QLEUQsHl-Fi1xiIWz5ESbmrwnItTsBVKkq073xf6GZBxAW7G-s1dXo6mCnD0udyuRJ4U9Dzvr6hnDv7OgqKQvK9C89LSDwIIuEbv3GiAL_QwlIOhxj-3ZV4wmvZ8WXbXF59IirMMB3g5T4cqWbCz-totULNT50i1-VG9r7x8rKA
Frame ID: B0CB90A6EFAE12D5621E6CBA2C0A59B2
Requests: 5 HTTP requests in this frame

Frame: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 96A7CBD35F606D041E06D7B21E0B09D7
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/index.html
Frame ID: 6BD7C673696153CD37EE78AA420A9471
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F15134DB67FAE523D0E3AD1E35F96375
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F22181E3A42E89CD02762C7E992BCD8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Frame ID: F8943F876236B0FC386CA957CDEBC062
Requests: 1 HTTP requests in this frame

Frame: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 03079B2E4F5A9383A4A75A43C60C1B8D
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Frame ID: 87E85DB6D28B2706ECBD94F36CC79D23
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CC9B589A9584544F4255501088E0A015
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
Frame ID: B4C8FF02DB54F7951B2FAEFF1E0230E0
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjt0sfBATAB&v=APEucNVJcjAPhpOydYfMAWbyKktuUpEkTBQ9fBr3yuL1YxN6nm7O1L8Xp4d1hgFwmBZOpFSfkH08V6CID4rKV6zvztwQG7Ft2PuTgKkaH19YchwQhmqTN09Jqmf7IqF6btnPpyfNs5Cl4DHq1R93pLhaMHkCtubOVIU86yb9uSFYM0p_gFLo1tr7iMpegfxjhZROSHxSqMHRgNn0UmbW722LsyFI1qSl-Q
Frame ID: EACDFB60C6A30FD96C8095CFE267C95E
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 0F909545B495DFE880C48531EC544ECF
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
Frame ID: CBB5402A7D9271DB8B8CAC2B93DAA171
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8D5851D007C83BB336BC7CC247A00B4A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C41D8DE2D31131E65D5143E56726569B
Requests: 9 HTTP requests in this frame

Frame: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0C598BF6A707CEF3F968FAA44F532246
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhjY_uXTATAB&v=APEucNUe0sL7dyYpUKIwEistNbxSalFEUMsSu6O02cOIujnljh9aKzOju0Oex_CfLpTQI2Sjt74BGxHm4mdy2_Q4M9aE7BqW-1BOn5vKXcmczCpOGFyIr6SkuMvrhVJp-XMXG5QVZ1IbFjW9jFaT-X3FhLhV-dVAYtymllBSpxGYVWYhElJIB0gpYdxsIqtjmCRYk7V6KR2c9x6MdIO5jLpp1UUh1H5F_g
Frame ID: 1829ADB4C465C10E6ED92DB30E6BC29C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 12A832D28F6BE0642B0B81752A652368
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
Frame ID: B0AE037D741DA65DCEFC82289E118A8E
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2925E7C9EFBF164297A91CC8FC7EB4A3
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=subject.com.ua
Frame ID: E8E44921AFBE056694DE0E7DD19575D6
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 33AD6BCDEB36DB810DE1C5114F85737E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B78857B7C2F66B946E660F747DEE34EB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: F1E9943E099247F132C7D54CC0381AA8
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 62067DF0A18FCA39CD22810213FB3574
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 305CBBD30BB54869FBF64D468D0B9E17
Requests: 10 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Frame ID: D147179B86074C5D1FE0CD5A69581C46
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: CFA3D5E6CEB8F247C20939F673CE91ED
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 22FF3B9FBE59E2F568D7468B8083C842
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 3C1DD286B264B3FBA25014DC8C070237
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AD608D05FCC39117EE3CC7677FD4E0FC
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Frame ID: F1EEDFD36DAEC5E10806FA9D83F32D0B
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 4AE4C1BB02388DF517909265E1A96BD6
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: FC2D783FFE1254CF93382A67C3E8FD66
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7D7322BD7B6CF9718E108AA8BB3294A6
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Frame ID: 839FCBB0853EBA9487BB0352E5D6C32D
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663900920564&gdpr=0
Frame ID: 3098D1FA5019CC120C55B1B90A9CDA8D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663900920564&gdpr=0
Frame ID: 852EA25C026A14580972CEB2469E3689
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663900920565&gdpr=0
Frame ID: 306D150364FAC379E9721C39B64532A8
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: B78C5C639A49F845FB6361A0A6890D16
Requests: 10 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Frame ID: F3EC6D51782936EC70B386B762EA67C9
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 00AD53C8595D65A5C9ED6E0DB4DF569C
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B1246F280CBC27BDB1FA89F9C03571D6
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Frame ID: 5E09929C1558641C2708C07A6C6EFAD2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Frame ID: 0F89710D470665577C527B60105A135A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 8284F9198E7DE0DF0505B3EDE9245D00
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 4DBA3D9666032B2E414A29F2A47DB8FD
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 84233C71F80086C6027665DAFCF0D57F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 559767730CE8AFCF7D86D31DA1DC06E1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: C06DF04C9EE6F0B950CF84DB1A25F272
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 576E6A7BAB7C24417670186A65609661
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CBDCE0B1B625EFD51B110135AFB400B
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 43672D781BAF8B00AE261E6854215809
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: A3BC28251EB1AD92F38C9F7968E122CD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: CB77EE64D1A5E2BDBA0AC07C66106F60
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 1A66A3B3F6DE1D6190E3DF77854DE2F8
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 3F8F38EDB0BE8DBCC991087B108FA128
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 907443DE67E7738517CD8E06530ADBB8
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: FCEFF63243744A3DE5B27943C03C9FF1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 501EB6F72BEB376CD78C5D239E6C5D9C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 51E269401ECFE02E4C50157110D0FEF9
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: BE9B9AEF7F490A360D08986F87F5B892
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 61DDECA51DA614696E823480007DE71B
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 8FEBD5BAEB26F74F7F3F6E557C1B6510
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 3A1AE63081926FDEA7B60607E0C7EF35
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 75908C3DCAF2CC30CE9F951C2DB8503F
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 4EBBE89A0F7A871062BCEB605E69BC85
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 82BD5EC117937166C9F8217BC743FF5E
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 4F6C1948414A552DDAE11C8A3E2BA58A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 6F7D41484D2E176AE486598BD8A2CFEC
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 56FE908995DA5BB765E9D6607800B35D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: B7AC18D5C1FB7B7FC3E0F0C1554C5637
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 2E5E5589B0F9115DFF9A469ABE0EEC16
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FCED0665015488033282996AF2287A72
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 40DBCFAF861B7E66D7E9A0284C2BA8EC
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 1519F0B533F71EBF683740108A8F40DE
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 9755A86C98B7C2B580A7B3B24FCD9A30
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663900925234
Frame ID: A8E4AB1CA4FC634944E7BE0BC3647B00
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C4B260457AFBB9B90CF859BF48D8F608
Requests: 2 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: F5B5185943A3C55BC3258635360D4F06
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Всі предмети - Великий довідник школярашукати

Page URL History Show full URLs

  1. http://subject.com.ua/ HTTP 301
    https://subject.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

670
Requests

84 %
HTTPS

37 %
IPv6

95
Domains

154
Subdomains

108
IPs

17
Countries

9345 kB
Transfer

22077 kB
Size

94
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://subject.com.ua/ HTTP 301
    https://subject.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 161
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 188
  • https://redirector.gvt1.com/videoplayback?id=6afb36db5396b215&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1663908121&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=AF771228E12E317B96681B169F443CA00311B50E.5661D26B45720067CC6FC9F8FEA33BEC83AA60EC&key=ck2 HTTP 302
  • https://r1---sn-aigl6ns6.gvt1.com/videoplayback?id=6afb36db5396b215&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1663908121&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=22AFA8DC60AD7E399F2D0553253748A3046ACD08.5F3AE9A65C182FB2576A5EE565992681B46CBF88&key=cms1&cms_redirect=yes&mh=jh&mip=2001:ac8:21:e::8&mm=28&mn=sn-aigl6ns6&ms=nvh&mt=1663900589&mv=m&mvi=1&pl=48
Request Chain 197
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPahNw0w91zshfgrwQJgYh8&google_cver=1&google_push=AZmPxg-g0RLSRaL39MrWH8y4Th267yBp8sN7msHWQ4BWIS5xBERKpQwo64FIYNvSfUBFtLkycebXL28RKLT1iIM9u9rRF-6mOPzrmg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-g0RLSRaL39MrWH8y4Th267yBp8sN7msHWQ4BWIS5xBERKpQwo64FIYNvSfUBFtLkycebXL28RKLT1iIM9u9rRF-6mOPzrmg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPahNw0w91zshfgrwQJgYh8&google_cver=1&google_push=AZmPxg-g0RLSRaL39MrWH8y4Th267yBp8sN7msHWQ4BWIS5xBERKpQwo64FIYNvSfUBFtLkycebXL28RKLT1iIM9u9rRF-6mOPzrmg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-g0RLSRaL39MrWH8y4Th267yBp8sN7msHWQ4BWIS5xBERKpQwo64FIYNvSfUBFtLkycebXL28RKLT1iIM9u9rRF-6mOPzrmg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 198
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPB68jUnr3vg4KIPLpaeAFs&google_cver=1&google_push=AZmPxg-y-AKczAdGEtwk7dVkYAyanfijVdMPfA9pKOJq8y_u5o_qZmWGFEfb2w3u4MzpXxhrzrO27ylFwWB_l9UG7gEI_ESCQ6cOtA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-y-AKczAdGEtwk7dVkYAyanfijVdMPfA9pKOJq8y_u5o_qZmWGFEfb2w3u4MzpXxhrzrO27ylFwWB_l9UG7gEI_ESCQ6cOtA
Request Chain 199
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGQ_Wl2F-Ncx6QqMo7q9gUs&google_cver=1&google_push=AZmPxg85uXjAMQyK0F58ADSY4aTyqnH2hhQAUpqoMPcTJgIBzBO3mJLP5nPnVY3KvX8xQ0VjkSp_EJunJmfsR6Cx48DTyp_GfkUgRA HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg85uXjAMQyK0F58ADSY4aTyqnH2hhQAUpqoMPcTJgIBzBO3mJLP5nPnVY3KvX8xQ0VjkSp_EJunJmfsR6Cx48DTyp_GfkUgRA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1663900921972 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e7c901be-7ce7-496f-a528-c7bc2ccf1492-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg85uXjAMQyK0F58ADSY4aTyqnH2hhQAUpqoMPcTJgIBzBO3mJLP5nPnVY3KvX8xQ0VjkSp_EJunJmfsR6Cx48DTyp_GfkUgRA%26google_hm%3DA-fJAb5850lvpSjHvCzPFJI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg85uXjAMQyK0F58ADSY4aTyqnH2hhQAUpqoMPcTJgIBzBO3mJLP5nPnVY3KvX8xQ0VjkSp_EJunJmfsR6Cx48DTyp_GfkUgRA&google_hm=A-fJAb5850lvpSjHvCzPFJI
Request Chain 200
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG51gS0Xs7sEn6_h-eUBvEE&google_cver=1&google_push=AZmPxg8MAaXg8ApWKWZUHMetYM1joslfUOBrxZi9arDy-d-DmVONAYKpISR9NDama8xW_1f2RJeB_do7E26uToEsJ_6u3c8PREnydg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8MAaXg8ApWKWZUHMetYM1joslfUOBrxZi9arDy-d-DmVONAYKpISR9NDama8xW_1f2RJeB_do7E26uToEsJ_6u3c8PREnydg&google_gid=CAESEG51gS0Xs7sEn6_h-eUBvEE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExNjM3NDAyNzg4MTcwNjE0NDY2Mg%3D%3D&google_push=AZmPxg8MAaXg8ApWKWZUHMetYM1joslfUOBrxZi9arDy-d-DmVONAYKpISR9NDama8xW_1f2RJeB_do7E26uToEsJ_6u3c8PREnydg
Request Chain 202
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDpAV_nTNRG_j1mzTG5ECTc&google_cver=1&google_push=AZmPxg8N6l9ETWNdxEZC252cH1rx7Snw7RBYDBCccV28zxIVXtKntjwBfuS7Ah8ma8t87yZz7ziSkn7P7HyV1uNYQWc4tqUp2-wZQjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg8N6l9ETWNdxEZC252cH1rx7Snw7RBYDBCccV28zxIVXtKntjwBfuS7Ah8ma8t87yZz7ziSkn7P7HyV1uNYQWc4tqUp2-wZQjg&google_hm=NTgzNzQxNDE4NDYzMzIzMTU0
Request Chain 203
  • https://an.yandex.ru/mapuid/google/CAESED2f6zVWxpe1jkzJR9x1mUs?ext-param=AZmPxg-pBHiB-kfFdxLiJrCU9U1Se8YDoVAJ2sRyhEHU0IA1u9vcbGtG9cq-Sc1JFDO37S2W1_8T8WWBjbnvAsdowVdwFcXhefBWYA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESED2f6zVWxpe1jkzJR9x1mUs?redir-setuniq=1&ext-param=AZmPxg-pBHiB-kfFdxLiJrCU9U1Se8YDoVAJ2sRyhEHU0IA1u9vcbGtG9cq-Sc1JFDO37S2W1_8T8WWBjbnvAsdowVdwFcXhefBWYA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESED2f6zVWxpe1jkzJR9x1mUs&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2ksyaHNesDwMLf3tr_e5g&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2ksyaHNesDwMLf3tr_e5g&google_cver=1&C=1
Request Chain 206
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy0c.o4NIzgj8LvklyoAUwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2ksyaHNesDwMLf3tr_e5g&google_cver=1&google_hm=2
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBVTw7W0HiKEP5foVx0XZsY&google_cver=1
Request Chain 208
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxNzY3OTI0OTU3Mzg3NjU2Ng%3D%3D
Request Chain 247
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 248
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOcrxqVR_NXp1xbATUyu-a0&google_cver=1&google_push=AZmPxg8fHbaNc7BfxpliaOlfphwL62z_fDZGajltl0TIZwaZQ0h6oVaHyqZsU4R4WOGodLISyfB57Pzc-kXtV-wnqMVXLkuJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg8fHbaNc7BfxpliaOlfphwL62z_fDZGajltl0TIZwaZQ0h6oVaHyqZsU4R4WOGodLISyfB57Pzc-kXtV-wnqMVXLkuJ
Request Chain 249
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDmJTsKh5D47WZ1UcnTb1Z8&google_cver=1&google_push=AZmPxg-i6MBarKkgVuUJXQrtPRyXEsWBcPNLM6h873bk7yh2LY-nxjrN8yHpaEd6VlRG5XTK8YNqJl9d8rMDrUBCnZfOEr2W7w HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDmJTsKh5D47WZ1UcnTb1Z8&google_cver=1&google_push=AZmPxg-i6MBarKkgVuUJXQrtPRyXEsWBcPNLM6h873bk7yh2LY-nxjrN8yHpaEd6VlRG5XTK8YNqJl9d8rMDrUBCnZfOEr2W7w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-i6MBarKkgVuUJXQrtPRyXEsWBcPNLM6h873bk7yh2LY-nxjrN8yHpaEd6VlRG5XTK8YNqJl9d8rMDrUBCnZfOEr2W7w&google_hm=s1URjM4lRSSGoTd1zz7Q5A==
Request Chain 250
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_cver=1&google_push=AZmPxg9jkHts2zSSnosxj3qu5RaYSh0YjzKMwPPwXyJqvscjtOrgArQFgXm0FZD7YgZPcLg1goW4-gR2mW96S9jUfASs2crN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_hm=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&google_nid=index&google_push=AZmPxg9jkHts2zSSnosxj3qu5RaYSh0YjzKMwPPwXyJqvscjtOrgArQFgXm0FZD7YgZPcLg1goW4-gR2mW96S9jUfASs2crN
Request Chain 251
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG51gS0Xs7sEn6_h-eUBvEE&google_cver=1&google_push=AZmPxg-X7jmyFTL8psqL2pe1tX2K7TV1HpqR9E6H4qTmcEChAdG1r2TxRASxjiqwLjTJzw2zQyI_ovVK6ZVBcTflt_7_LQuBYA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExNjM3NDAyNzg4MTcwNjE0NDY2Mg%3D%3D&google_push=AZmPxg-X7jmyFTL8psqL2pe1tX2K7TV1HpqR9E6H4qTmcEChAdG1r2TxRASxjiqwLjTJzw2zQyI_ovVK6ZVBcTflt_7_LQuBYA
Request Chain 254
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPU8jT-ahmppyOMjVwtNVQA&google_cver=1&google_push=AZmPxg-kDAJcHe7wR__XDFK6Vexu40z21zzptjXIqznccQbZNJY0mRL2YqY7cVw8ajDVpZtEocepH-qfb3edtzPhSv56SZ26nRU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQxNzY3OTI0OTU3Mzg3NjU2Ng%3D%3D&google_gid=CAESEPU8jT-ahmppyOMjVwtNVQA&google_cver=1&google_push=AZmPxg-kDAJcHe7wR__XDFK6Vexu40z21zzptjXIqznccQbZNJY0mRL2YqY7cVw8ajDVpZtEocepH-qfb3edtzPhSv56SZ26nRU
Request Chain 286
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBxj-8AcajHJj7JkZeqErlE&google_cver=1
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESELYPrRSq3RFQTR0KLHQ5FMc&google_cver=1
Request Chain 295
  • https://fw.adsafeprotected.com/rfw/st/1153048/65870243/skeleton.js?ias_dspID=3&ias_campId=1009216945&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=18381994235&bidurl=https://subject.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hE2Ya_qve9peOXC3rY2QFN&adsafe_url=https%3A%2F%2Fsubject.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3a94553b-3088-a17f-2c28-16af3ce6b3e1,c:p0a4PE,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b97f7975-xqjdw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:315,mot:0,app:0,maw:0,fm:tidMHwr+11%7C12%7C131%7C14%7C15%7C16%7C1711%7C181%7C182%7C191%7C192%7C1a*.1153048-65870243%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:332,oid:4d88b84b-3ae9-11ed-895f-f6d22ae89400,v:19.8.352,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_970x250.js
Request Chain 314
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 317
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDX280DV1KZCpiGY1SEnwEc&google_cver=1&google_push=AZmPxg8YmfLuHfp3ZXilglnstidKCGdpX5_ejTppGltzQYhORVrfZTpi7D18fR_EUjfgoGBSkX4TSO_kDlvTvG19CzZCldJS8iH8yA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjgxMTI2NjMwODI5ODIzODY2MA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDX280DV1KZCpiGY1SEnwEc&google_cver=1
Request Chain 318
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGEeD-hlrBVGxGsWmkTqDtI&google_cver=1&google_push=AZmPxg89LuTKz1hsqUsrH1fF1gkRfxR5cGc79GVe7R36fixaJxXq6WHgPg7Ex9sr3bx2UmTZ_S6QAYJnaifSp48dFPZzs491ag3jGg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg89LuTKz1hsqUsrH1fF1gkRfxR5cGc79GVe7R36fixaJxXq6WHgPg7Ex9sr3bx2UmTZ_S6QAYJnaifSp48dFPZzs491ag3jGg
Request Chain 319
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEouPmyeZsYKXZQmV8osMok&google_cver=1&google_push=AZmPxg97Etii5Wz-KrhyegNZ1Mewj_nIiIKQRdLWGJ3zij9g4b-oH-ABnYG9kq-U5sHo5rbOMJYawT21syo_eUaXMl7yp3_NzmutwA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K8Ylz_11R4-1MBoHemYqYQ2&google_push=AZmPxg97Etii5Wz-KrhyegNZ1Mewj_nIiIKQRdLWGJ3zij9g4b-oH-ABnYG9kq-U5sHo5rbOMJYawT21syo_eUaXMl7yp3_NzmutwA
Request Chain 321
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEV1_qcDhdL2zm0u-W_yCAY&google_cver=1&google_push=AZmPxg9mTBUVOU2wWINham02F--6hYVPKpJgTVTCIhi_9AoPUFM1y058QfVKJED5tjyCDDBAKbSW1_W3z9F5HjOtYaNfhuBibu8QdQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IbG6diXVRANPGmFOX39XldmKxGs&google_push=AZmPxg9mTBUVOU2wWINham02F--6hYVPKpJgTVTCIhi_9AoPUFM1y058QfVKJED5tjyCDDBAKbSW1_W3z9F5HjOtYaNfhuBibu8QdQ
Request Chain 323
  • https://ads.avads.net/sync/ggl?google_gid=CAESECviQ4-GYi98EqrF2RpnLBY&google_cver=1&google_push=AZmPxg_fUwLXs_JMGkqvjaoa57hvj5jysrl_BbVQvLr16kVgYNogwiETGhOsIxz3-y74fTim_Z9WPXKoq8eOgS2T3hVroovcWvJDIWg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZjFhOWM5YzUtMjM2YS00ZDdiLWE1ZTMtMTY5NWNlNzE2Zjk3&google_push=AZmPxg_fUwLXs_JMGkqvjaoa57hvj5jysrl_BbVQvLr16kVgYNogwiETGhOsIxz3-y74fTim_Z9WPXKoq8eOgS2T3hVroovcWvJDIWg
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEChICJAWnGsgNE5f3cMV7jg&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEChICJAWnGsgNE5f3cMV7jg&google_cver=1&__user_check__=1&sync_id=4e344821-3ae9-11ed-a0eb-1e1d47870306
Request Chain 336
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=4e318fa6-3ae9-11ed-9885-1984e64b0106 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGUzMThmNTktM2FlOS0xMWVkLTk4ODUtMTk4NGU2NGIwMTA2
Request Chain 337
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0yQzhvUU54RTJ1Rk42NzJaUndZX01fNXFnY0dDU1Fncn5B
Request Chain 355
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOL-7QuW-ysld7OfehsMcEc&google_cver=1&google_push=AZmPxg97p-dtqnGyKdnkyVlcEsqiIk0d_LY1xBJJX7sgbHT1GTAlV6yP7PR3StcoqVa_AOK-pCVtBbacty7VXO7_tbVdurQxeeg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOL-7QuW-ysld7OfehsMcEc&google_cver=1&google_push=AZmPxg97p-dtqnGyKdnkyVlcEsqiIk0d_LY1xBJJX7sgbHT1GTAlV6yP7PR3StcoqVa_AOK-pCVtBbacty7VXO7_tbVdurQxeeg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OG5FbnhmSE4xT0J5REY1&google_gid=CAESEOL-7QuW-ysld7OfehsMcEc&google_cver=1&google_push=AZmPxg97p-dtqnGyKdnkyVlcEsqiIk0d_LY1xBJJX7sgbHT1GTAlV6yP7PR3StcoqVa_AOK-pCVtBbacty7VXO7_tbVdurQxeeg
Request Chain 356
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEouPmyeZsYKXZQmV8osMok&google_cver=1&google_push=AZmPxg8deYS0Nwxa-a5toKhSaGSNGVMI6cxT_UB4U16kyNBJv3UOep5Ogup9xoKrf_iYzjL_jyPLO_1E55I3CqR4KPtG-0wVnTdI HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K8Ylz_11R4-1MBoHemYqYQ2&google_push=AZmPxg8deYS0Nwxa-a5toKhSaGSNGVMI6cxT_UB4U16kyNBJv3UOep5Ogup9xoKrf_iYzjL_jyPLO_1E55I3CqR4KPtG-0wVnTdI
Request Chain 357
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDmJTsKh5D47WZ1UcnTb1Z8&google_cver=1&google_push=AZmPxg-7toHqWeAdYYn2Wst1TACbhgBX0su4kZyfplxr1WnMozDxVTgPq6oSgiKudlrF3D8CBahwUJSP1VL9nLPIdKQzQsdgkfjc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-7toHqWeAdYYn2Wst1TACbhgBX0su4kZyfplxr1WnMozDxVTgPq6oSgiKudlrF3D8CBahwUJSP1VL9nLPIdKQzQsdgkfjc&google_hm=s1URjM4lRSSGoTd1zz7Q5A==
Request Chain 361
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDpAV_nTNRG_j1mzTG5ECTc&google_cver=1&google_push=AZmPxg9LIH9LbmI0DdWRlBUtcUQmA5VvZQXPhECACipKVn_4Yb0U5osEq51v7VfT3Rr1Q7kVRy4D1pXIhkUWLLHlwxrVSerGog8psg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg9LIH9LbmI0DdWRlBUtcUQmA5VvZQXPhECACipKVn_4Yb0U5osEq51v7VfT3Rr1Q7kVRy4D1pXIhkUWLLHlwxrVSerGog8psg&google_hm=NTgzNzQxNDE4NDYzMzIzMTU0
Request Chain 392
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=FlTi_nxtNXJtNWZEbVNSV2RRa3ljTHU4MGJ4cVZ6UXBTMW4rSGlPZzdER0JjWmVyaWFmRlpSY242c0xFVzhBSURFYTgrRllONWxPYUg3RUhvYTFxTG5jNC81WEFna1k5RHJqcTk0K1JmbzFGM1Z0c2FWMDgvbE9zcjR3OVF1VXg0ZlhoTHhBZDRzS2UyU09yQjRHcmRNSkg3M0dmNEhpT1dwYWhmL0hqSG1TMDMrNjlqVzlwU0xwVUc4YXhNaXRXZDFlUnhuNUdIWjg3VVpqci9ldGIydTB2dEI3TXlKeG5rTVloaHh6cUxybFJBczNJPXw&cppv=2
Request Chain 417
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A&gdpr=0&gdpr_consent=
Request Chain 418
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6417679249573876566
Request Chain 422
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=b355118c-ce25-4524-86a1-3775cf3ed0e4&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_cc7fd3d7-62c3-4e1a-b4e7-938c9e7878fe&bsw_param=b355118c-ce25-4524-86a1-3775cf3ed0e4&expires=10 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=b355118c-ce25-4524-86a1-3775cf3ed0e4
Request Chain 447
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
Request Chain 448
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItMzg2MC1hMjg4LTM3OTM5MWU0MGVhODIBBjgB%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItMzg2MC1hMjg4LTM3OTM5MWU0MGVhODIBBjgB&buyeruid=8be11aaa-01f8-4a86-9139-9ccd3c7528ac&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
Request Chain 449
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Request Chain 451
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Request Chain 454
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 455
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Request Chain 458
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Request Chain 459
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 460
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
Request Chain 462
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItMzg2MC1hMjg4LTM3OTM5MWU0MGVhODIBBjgB%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItMzg2MC1hMjg4LTM3OTM5MWU0MGVhODIBBjgB&buyeruid=12876b9d-a3fe-4f31-8222-f699ce503b38&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
Request Chain 465
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 466
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
Request Chain 467
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Request Chain 469
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Request Chain 470
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItMzg2MC1hMjg4LTM3OTM5MWU0MGVhODIBBjgB%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItMzg2MC1hMjg4LTM3OTM5MWU0MGVhODIBBjgB&buyeruid=2fce0a0b-4a20-4353-ac13-acfdd973d14b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
Request Chain 478
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 483
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 489
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 493
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
Request Chain 495
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Request Chain 496
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Request Chain 500
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 501
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItMzg2MC1hMjg4LTM3OTM5MWU0MGVhODIBBjgB%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItMzg2MC1hMjg4LTM3OTM5MWU0MGVhODIBBjgB&buyeruid=e8953708-1294-432a-97a1-76fb318b2663&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
Request Chain 503
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Request Chain 504
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Request Chain 505
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItMzg2MC1hMjg4LTM3OTM5MWU0MGVhODIBBjgB%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItMzg2MC1hMjg4LTM3OTM5MWU0MGVhODIBBjgB&buyeruid=2e004e45-bcd1-4c8e-9f39-ea967f9ed4a5&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
Request Chain 509
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 510
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
Request Chain 511
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=subject.com.ua&sn=ChromeSyncframe&so=0&topUrl=subject.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Jt7OXXxPcWI0SnpxL09PYW9DV21OUWk5dEZlWm5hUzRGbVQ0eFRHT3p6NDI1R25NZ3A1T3dwV0dLRWR6WHEvdVl3MmJyeHBwRUxacWZlZmxsMlc3NmJWZnRZY2VpVUh4NGJHOCtXSTJDMnh0cTI0b2VMb20zMFJhcHVlNGlGV241eVhxdjB4ZmhoZC9xcTgyd0NrOEwrTkxDbU9DWGdUYS9LeTcxVUVWblVBYUdrTDBRaWJ4Skh5YjhJUDZGQmM5T3hRR3NRdEZNZ1k0QTJRR0hYMWtJVmJzYVVvTW41Y3Aya3FZa0J0NFlEbHpadCs0YjRPUmpsSlpnaldvTlNtamdudEJTREpzVnB3MTNyUmZHdEk0VGNhd0x3UT09fA&cppv=2
Request Chain 519
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 523
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 530
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_cver=1
Request Chain 532
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&dcc=t
Request Chain 533
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6417679249573876566
Request Chain 534
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 535
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IbG6diXVRANPGmFOX39XldmKxGs
Request Chain 536
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 537
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8nEnxfHN1OByDF5
Request Chain 540
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
Request Chain 541
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2811266308298238660
Request Chain 544
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy0c.o4NIzgj8LvklyoAUwAA%264393?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yy0c.o4NIzgj8LvklyoAUwAA%264393
Request Chain 546
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IbG6diXVRANPGmFOX39XldmKxGs
Request Chain 548
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_cver=1
Request Chain 549
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&dcc=t
Request Chain 551
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6417679249573876566
Request Chain 552
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=583741418463323154
Request Chain 553
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Yy0c.o4NIzgj8LvklyoAUwAA%264393 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d50eca87-2d75-40cd-bb88-362b5e800580-tucta26a27c
Request Chain 554
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8nEnxfHN1OByDF5
Request Chain 555
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=01c8632d-1cfa-4c00-aaee-e265fd2c82cd
Request Chain 559
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663987324
Request Chain 560
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C0E54A0647F640FAA5588AF446B07D8B
Request Chain 561
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4538758142278904623&expiration=1665110524
Request Chain 562
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6417679249573876566
Request Chain 563
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
Request Chain 564
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Request Chain 567
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=gyokKIR6cC-YLyV5gCw7foUrdHWYfXN5hHrK5TJL
Request Chain 569
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=f60195a1-bfd4-4bda-ae37-3f0eb6c17076
Request Chain 570
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8aa1b76e-b98e-4df6-9b80-8d84d9dff15c&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 571
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a7b44941-77f5-3a11-02f642d6
Request Chain 572
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6417679249573876566
Request Chain 602
  • https://gcdn.2mdn.net/videoplayback/id/5db1eac27086f9e0/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785848883/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/A30F4485EC3A58AF584BB4B04EFE7D054E678D46.34C78AC51BEF150D1D3AE89E24BDDE88DA4EF873/key/ck2/file/file.mp4?cpn=Qfl6CPwlfq-BJBjH HTTP 302
  • https://r1---sn-aigzrnse.c.2mdn.net/videoplayback/id/5db1eac27086f9e0/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785848883/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0F32FB356062020544816FB9788BDFBC71C072AE.1FC0B874C45E57C214F12B4255B0BD376C03C298/key/cms1/cms_redirect/yes/mh/Uh/mip/2001:ac8:21:e::8/mm/42/mn/sn-aigzrnse/ms/onc/mt/1663900622/mv/m/mvi/1/pl/48?cpn=Qfl6CPwlfq-BJBjH&file=file.mp4
Request Chain 614
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/subject.com.ua/ROS?rnd=0.23054899975019838&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsubject.com.ua%2F&e_pubProvidedId=%255B%255D&e_pubcid=c1011268-e281-4c22-88ed-6aff85b7fc56 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2a156/1/subject.com.ua/ROS?ct=1&r=pbjs&rnd=0.23054899975019838&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsubject.com.ua%2F&e_pubProvidedId=%255B%255D&e_pubcid=c1011268-e281-4c22-88ed-6aff85b7fc56

670 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
subject.com.ua/
Redirect Chain
  • http://subject.com.ua/
  • https://subject.com.ua/
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
c138289957b80cb663a620eff0a1604be0142d84f1598f28f81a23b8af28b8c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, s-maxage=10
Connection
close
Content-Encoding
gzip
Content-Length
4165
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Sep 2022 02:31:34 GMT
Server
Apache
Vary
Accept-Encoding
X-Mod-Pagespeed
1.13.35.2-0

Redirect headers

Connection
close
Content-Length
231
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 23 Sep 2022 02:31:34 GMT
Location
https://subject.com.ua/
Server
Apache
style.min.css
subject.com.ua/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subject.com.ua/css/style.min.css
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
707c74e779762b2e450b6959ae22c2c6b0b26079fffe308b6427dcf8347506f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:31:34 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Nov 2021 09:42:02 GMT
Server
Apache
ETag
"15dc-5d1c205107e0e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3600
Connection
close
Accept-Ranges
bytes
Content-Length
1430
97672d69-12a2-43ea-9222-362234514ff0.min.js
cmp.optad360.io/items/ 		258 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/97672d69-12a2-43ea-9222-362234514ff0.min.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da9da6cc08f4fae96cb11b10e093fc4d19f871c3d4b46a2a48ee7f26637b92e5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
last-modified
Fri, 15 Jan 2021 12:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
W/"c7b5c09d2b1684bb417714719df59bd9"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-id
7BDI1Y762C1K6UENTlAN9jU4QKY6VyWo2z0pPqCfYR8x49KzvaN3ag==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		216 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2fe0bd06904476041375308b6c7f04721b3cd414249be84f512dd58af34c2b51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74451
x-xss-protection
0
server
cafe
etag
2629316373100461161
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 02:42:00 GMT
dev2pub.js
tag.eu.dev2pub.com/ 		102 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
33797c8ad76837a6437df8b58d028881706fe1d5a851880c24dca125a35ccd04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:42:00 GMT
Last-Modified
Fri, 16 Sep 2022 15:28:29 GMT
Server
nginx
X-IPLB-Request-ID
D98AC46B:A0EC_335B3C26:01BB_632D1CF8_11E9B5DE:ABC4
ETag
"6324961d-1969d"
X-IPLB-Instance
43024
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
104093
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1099121-7
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa3d61995a15533ea5aa9a0da0cb4d23917572e235a1b83c7f9ca92f2d9571a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42253
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Sep 2022 02:42:00 GMT
cse.js
cse.google.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
12b0ccd2d8f2f6821d0a61a0688f7d6130365397fc30a11a784f4e1b05af9275
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3509
x-xss-protection
0
server
gws
expires
Fri, 23 Sep 2022 02:42:00 GMT
plugin.min.js
get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/ 		267 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:be00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4419aae3c6d7ac5591ca891844b14a4443107883cb4c30b1563c83abcf3fc02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 12:10:51 GMT
content-encoding
gzip
last-modified
Wed, 21 Sep 2022 12:10:31 GMT
server
AmazonS3
age
138670
etag
W/"555dbb30b4f895f012436b3367155765"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control
public, max-age=604800
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
_KZmJMS6ZQQ_6dPuxdpz8knJgpPQ1PMiY-5QhlcI1STmldjbCSCTKQ==
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-09-23T02:33:02+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Tue, 23 Aug 2022 09:45:59 GMT
Roboto.woff2
subject.com.ua/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subject.com.ua/fonts/Roboto.woff2
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/css/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e

Request headers

Referer
https://subject.com.ua/css/style.min.css
Origin
https://subject.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:31:35 GMT
Last-Modified
Wed, 04 Dec 2019 15:02:31 GMT
Server
Apache
ETag
"6d84-598e21a197121"
Content-Type
font/woff2
Cache-Control
s-maxage=10
Connection
close
Accept-Ranges
bytes
Content-Length
28036
vdo.ai.js
a.vdo.ai/core/subject/ 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/subject/vdo.ai.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.104.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.30
Resource Hash
2e0ec337a48dcc7ef323b0a5c6afcd8140d024605528f9f852912eefc94eea09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
via
1.1 varnish-v4
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.30
x-cache
MISS
vdo-server
Tag3
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
6186648
last-modified
Fri, 23 Sep 2022 00:32:35 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWbXPmSyNqD9bH8gkVjyBTEpLPFtMOxql63BDqF0EjpUyPuR6aQS%2B75esyl1x1XbK%2B%2Fv7AAHSNYPU5R5bzZav9p71AaMUZZZ3hQ47JaUfYMtYu1Dcr036Gf5dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
max-age=1800
cf-ray
74efecb03dc2776e-LHR
cse_element__uk.js
www.google.com/cse/static/element/fd562c898514f252/ 		306 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/fd562c898514f252/cse_element__uk.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c77d76b79ca5c885e274de881b3e76eaafe89137c60a80e65039e0662481b223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 22:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103686
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 20:48:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 20 Sep 2023 22:45:02 GMT
default+uk.css
www.google.com/cse/static/element/fd562c898514f252/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/fd562c898514f252/default+uk.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 00:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 20:48:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 23 Sep 2023 00:12:20 GMT
espresso.css
www.google.com/cse/static/style/look/v4/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/espresso.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1538
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 23 Sep 2022 03:12:49 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1099121-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
5162
date
Fri, 23 Sep 2022 01:15:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Fri, 23 Sep 2022 03:15:58 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a82620bb829f6f2a39b97fc23c4481e2dcc349462992cd5c36416596f6ffaa47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124744
x-xss-protection
0
server
cafe
etag
4299116479852609443
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 02:42:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/ Frame 8761 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
13946
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 22:49:34 GMT
etag
9671129459699598864
expires
Thu, 06 Oct 2022 22:49:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
165773512617a67a1a8a6579adddf826cb68220fab5c34fca6247ca36e5d1753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27784
x-xss-protection
0
server
sffe
etag
"1342 / 904 of 1000 / last-modified: 1663884398"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Sep 2022 02:42:00 GMT
prebid7.4.0.js
get.optad360.io/sf/ 		489 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid7.4.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:be00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
974e273832eda34a4be17276099fc4b24df1c01ce07fcd52e89d8a023dd1c4f0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:42:08 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 07:01:35 GMT
server
AmazonS3
age
3790793
etag
W/"a0bddabb480a5fb345c76e9ee90ca693"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
0PBeGKWjfXadvH8REFOOvuNmUMizfisrOeULvHsYxLisasrDkPv-QA==
branding-ads.svg
optad360.mgr.consensu.org/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 22:38:16 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
age
19550
etag
W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
9uXiLgGEjAMWZgLPXeTwdM_T4EfW0ZAeZH-flpcOzMdn9W7xq2oQMA==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=731242311&t=pageview&_s=1&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=738411645&gjid=1923751402&cid=829982774.1663900920&tid=UA-1099121-7&_gid=966592310.1663900920&_r=1&gtm=2ou9l0&z=1794922760
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		218 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=subject.com.ua&callback=_gfp_s_&client=ca-pub-2062463022593482
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
839bff430f9c12fbcd0d6f3a8a0751dab95d0a554d309ec0522b29d12c18472f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A8FF 		282 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&adk=1812271804&adf=3025194257&lmt=1663900920&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsubject.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920183&bpp=2&bdt=370&idt=128&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2576454272549&frm=20&pv=2&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4db78130d7048b35bea5a13cb623f70dcf49e35b0ca1810fa85853d7da77b84f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
77951
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:00 GMT
expires
Fri, 23 Sep 2022 02:42:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9ADB 		92 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16428697adc791242fefb2fbce2e3022530e9367263913cc1f152806e89d7009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33807
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:00 GMT
expires
Fri, 23 Sep 2022 02:42:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
async-ads.js
cse.google.com/adsense/search/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/fd562c898514f252/cse_element__uk.js?usqp=CAI%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc69152cba66affa5143a503a688298672179fe645c91e0e81762452400c0bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"3361183995822507346"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Fri, 23 Sep 2022 02:42:00 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/fd562c898514f252/default+uk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/cse/static/element/fd562c898514f252/default+uk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:04:14 GMT
x-content-type-options
nosniff
age
207466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 20 Sep 2023 17:04:14 GMT
generate_204
www.googleapis.com/ 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
clients1.google.com/ 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220923
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80d5f04ec8f592e6f5852f1b6dbb10fa30485fd85285b02184de5abd7b1d970e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
42061
x-jsd-version
1.0.1471
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
916
etag
W/"66b-8C368Ocn3EeuIxRzccJgr0pomsg"
x-served-by
cache-fra19141-FRA, cache-lcy19225-LCY
x-jsd-version-type
version
date
Fri, 23 Sep 2022 02:42:00 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b1adbcb5d1201ca02be781fba4da2c84a47a179e09fbf45db3423be4bf194943
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:00 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ce0255ed-e580-48a2-b459-9442dbb83fc4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
af6940e7461e40daf9fc63c7d8d094615e0d8ede8ef04d4e8cfa7ee0bdf77349

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
pbjs
useast.quantumdex.io/auction/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecb12eea072a-LHR
access-control-allow-methods
POST, GET
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=44207179462
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:41:59 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1663900920273_yz8aidxp8&w=970&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=161abab5d4ef7df&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.123.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-123-190.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
0000000000000000b47edc6f5cae8562:517198ae237b6477:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
c
prebid.a-mo.net/a/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
00000000000000009485c8e1f09512c7:fbfd969dbd6285ca:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=55216610607
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
88436208bbbda9102a609fb75ef4cf205dbdcfa4042e8c11307ca1764f82bf09

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
833499698582f8520fa28977d08b7eb6f94d4c6ad55b35ee444ca0746da65293
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:00 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
95b3059d-8f37-48c5-abc8-a1e8bb073545
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1663900920273_etiyamolv&w=970&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=323a18f0f02c0b5&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.123.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-123-190.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
pbjs
useast.quantumdex.io/auction/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecb12eec072a-LHR
access-control-allow-methods
POST, GET
c
prebid.a-mo.net/a/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
openrtb
adx.adform.net/adx/ 		0
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:41:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
pbjs
useast.quantumdex.io/auction/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecb12eee072a-LHR
access-control-allow-methods
POST, GET
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
f94532cee6f3fb58efe3c8ce1c17c6820a35f52ed90d846136cd272cd36103bb

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
154a4bc30b48583d0db41afe475b50c7a7c0e3efd327e3c7d768d2fb790769e8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:00 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0e1dbd7e-03e7-4032-9be2-fb1bdc017931
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
00000000000000000913a5ac8b90d449:82c8bf0d1b3173eb:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1663900920271_jl8wdv6zq&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=58171f2615212ed&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.123.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-123-190.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
3
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=29712854787
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
c
prebid.a-mo.net/a/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
18
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:41:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1663900920272_wbqa9zwzd&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=72c7eb8f32ed89&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.123.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-123-190.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=1764813481
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:41:59 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
pbjs
useast.quantumdex.io/auction/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecb12eeb072a-LHR
access-control-allow-methods
POST, GET
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
ssp.wp.pl/bidder/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
0000000000000000fd4f0c25b69f21d7:4abc0e9d54184afb:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a2b3125d2fde880c06e4bf293ed459efb09683c4277d1196695e443d2ef73bc2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:00 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a6c0a2aa-4499-4c53-87c6-9af8ec4cda4d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
d1ecd0e7e7549ab79ff8979f7225cf7a683a60c43d9478e3a5adec6214bea560

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
c.html
cdn.admixer.net/scripts3/49044/ Frame 4A2B 		738 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 23 Sep 2022 02:42:00 GMT
etag
W/"63049f42-2e2"
expires
Mon, 18 Sep 2023 17:56:20 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-09-17T17:56:20+00:00
x-id
fr5-up-gc33
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/49044/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:56 GMT
server
nginx
etag
W/"63049f40-5d41"
vary
Accept-Encoding
x-cached-since
2022-09-15T23:43:41+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 16 Sep 2023 23:43:41 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/49044/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:45 GMT
server
nginx
etag
W/"63049f35-12c39"
vary
Accept-Encoding
x-cached-since
2022-09-17T18:06:20+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 18 Sep 2023 18:06:20 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1099121-7&cid=829982774.1663900920&jid=738411645&gjid=1923751402&_gid=966592310.1663900920&_u=YEBAAUAAAAAAAC~&z=766230758
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 23 Sep 2022 02:42:00 GMT
content-type
text/plain
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
GetLastCurrenciesRates
api.eu.dev2pub.com/api/public/Dev2Pub/ 		424 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/GetLastCurrenciesRates
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
37fdb767af7b175be46f63af1597b5dabad7e13f981adff881cb73de2023e180

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 23 Sep 2022 02:42:00 GMT
Server
nginx
X-IPLB-Request-ID
D98AC46B:A180_335B3C26:01BB_632D1CF8_11F138C4:26F39
Content-Length
424
X-IPLB-Instance
42214
Content-Type
application/json; charset=utf-8
pubads_impl_2022091901.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131339
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Sep 2023 10:32:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		368 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf937f22bb4c5f8e827a344e6726fa957c379738a0e9f4d5d35406ebb35d0143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166
x-xss-protection
0
expires
Fri, 23 Sep 2022 02:42:00 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113932176-40
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69d397edaa2d39593d259a074460a34c763bf59d5c696364c2fa81eb9e6669be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42192
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Sep 2022 02:42:00 GMT
destination
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=UA-113932176-40&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1099121-7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f575e41825841f23fc9b0524e4d67f6cf4861dd5025e9b0b2adc23e4f76c7abd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42270
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Sep 2022 02:42:00 GMT
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:00 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
vdo.min.js
a.vdo.ai/core/dependencies_hbv4_latest/ 		409 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.104.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d191188a675a25eac4fb99febdbdaa6d5ac9a0910a55aaa06e9534299e1c0048

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
cf-ray
74efecb388a1776e-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 22 Sep 2022 12:24:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knA9QlJLgZkVwYHS%2FcpttoaEy5wXP1wvyV0RvljuSWmj9ceGstIcmmNCXf%2BPzkfsiAbA%2FU39BObxGUdIBPbJQpnHvpmCHO%2FNkRS6utAq40etiMOPnXVZ6W5Ysg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
11659673 8254858
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		378 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128888
x-xss-protection
0
expires
Fri, 23 Sep 2022 02:42:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1099121-7&cid=829982774.1663900920&jid=738411645&_u=YEBAAUAAAAAAAC~&z=2066790471
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1099121-7&cid=829982774.1663900920&jid=738411645&_u=YEBAAUAAAAAAAC~&z=2066790471
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pbjs
useast.quantumdex.io/auction/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecb24f9c072a-LHR
access-control-allow-methods
POST, GET
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d0ab5b3d8cf9c68c1b0db7a4319721a3346f442f4962c9034ba2b01c0871be27
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:00 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9a60c1bd-96e7-4e1f-b3c3-fea1dbb3d04d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=79500096025
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:41:59 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1663900920273_l1m8pk6tx&w=240&h=400&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=10214a9912cdfe58&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.123.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-123-190.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
a2ed61e0bc0a47470a31a4ae6e2d9bbcf97092b8f473456867319bb73ac89deb

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
00000000000000004caced84c93767b1:c3c155d5eb15739e:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1663900920274_g602x8um8&w=120&h=600&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=112e039e117239e4&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.123.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-123-190.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:41:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=1369529557
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
pbjs
useast.quantumdex.io/auction/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:00 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecb26fb5072a-LHR
access-control-allow-methods
POST, GET
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:41:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a674675ce76e244d105151ddd87c2ac0e387e9fb41164451b6d6a5869e8bc926
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:00 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9ebf6ef7-6db6-423a-823f-b497f0b276bf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
00000000000000008f908957729ac015:c34ff44c0240d5f8:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
3ac07bf613ccd44e18438ee498552b34e3accf9743aa459cce46e974ec10eda1

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 9ADB 		225 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
age
55834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14085932017949564970
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 23 Sep 2022 11:11:26 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9ADB 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:01:01 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9ADB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHLNe-BwtY_GNG_HK7_UP1Z2kyALd2ebQaeaP7-S5EPie88z7DhABILCesgNgu4aAgNAKoAGbvP3FKMgBAakC6lH6zt-BsD6oAwHIA8sEqgTNAU_Qz93mMjd_u7UqjiKy8m659wAhaj2j4hPntcDTnq45R_vUiBG-pbWqcZN3p-jHTEAiX7qXE5pCm65yWNI0Ym-pyj7Ab4mJe_cyWLkJ4Su1tFenF9O2HK1E-B41jRdi6uM4W26shwxH-0b9mPL-lr199Ta3mAHAXYBHq6nhO04sty4UYGNNzP28wetI2jdscJcbcCmEkq5lPL3t_epIrxVpoBXoOlFUWpwF6w9_ZJt1xNG1t6aBlS-3zkF514h6zyYMG9iPIQovnXJskoDABMnIvqv-A5IFBAgEGAGSBQQIBRgEoAYCgAeb9M2lA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENqjMdIIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTIwNjI0NjMwMjI1OTM0ODIYAA&sigh=JE5vl8t_SxM&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 23 Sep 2022 02:42:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 23 Sep 2022 02:42:00 GMT
11888058752710554341
tpc.googlesyndication.com/daca_images/simgad/ Frame 9ADB 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11888058752710554341?w=360&h=720
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6b1ae1e6b0fb3701d02a0904b4c0bd34e19a8d606aded23186d85807a7ea19e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33195
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 20:34:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Sep 2022 02:42:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 9ADB 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:22:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9ADB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:35:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9ADB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3425
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 01:44:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9ADB 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 02:42:00 GMT
b6810b6596f7ed55ed76c68d0358aca1.js
www.gstatic.com/mysidia/ Frame 9ADB 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13684
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 21:38:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 20:25:22 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=509853208158296&correlator=1040665568934990&eid=31069634%2C31069102&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C1200x300%7C1000x250%7C1000x300%7C1000x100%7C580x400&ifi=3&adks=1048470924&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D19e2d9fdbae31907-2218b2732bce00d3%3AT%3D1663900920%3ART%3D1663900920%3AS%3DALNI_MZP3WD403S0g97nZkcArXhK9MfBNQ&abxe=1&dt=1663900920805&lmt=1663900920&dlt=1663900919813&idt=964&adxs=315&adys=28&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=970x-1&fws=640&ohw=0&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a028be179eb930a2c843baaeecd40588cca7f1f82f7ece7ef08868b030e4c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9798
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		155 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=509853208158296&correlator=1040665568934990&eid=31069634%2C31069102&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_BTF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C1000x250%7C1000x300%7C1000x100%7C580x400&ifi=4&adks=3499579897&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D19e2d9fdbae31907-2218b2732bce00d3%3AT%3D1663900920%3ART%3D1663900920%3AS%3DALNI_MZP3WD403S0g97nZkcArXhK9MfBNQ&abxe=1&dt=1663900920846&lmt=1663900920&dlt=1663900919813&idt=964&adxs=315&adys=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=970x-1&fws=640&ohw=0&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c0a464c2bca4e205512aa3af06ca7e28f43c8cece0bc6c76b02b33ccadb27f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42207
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=509853208158296&correlator=1040665568934990&eid=31069634%2C31069102&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_am_co_S2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C750x100%7C728x90%7C750x200%7C750x300%7C580x400%7C360x300&ifi=5&adks=269357461&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D19e2d9fdbae31907-2218b2732bce00d3%3AT%3D1663900920%3ART%3D1663900920%3AS%3DALNI_MZP3WD403S0g97nZkcArXhK9MfBNQ&abxe=1&dt=1663900920851&lmt=1663900920&dlt=1663900919813&idt=964&adxs=636&adys=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=336x-1&fws=644&ohw=1086&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd2970cdf054765d47c9da95312c9a308eeeb0d1f0a3d754b3159272d65c98c9
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNGB_vrxqfoCFZmgewodnoYCZg&gqi=&layout=/sadbundle/%24csp%253Der3%24/219301973080408064/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNGB_vrxqfoCFZmgewodnoYCZg&gqi=&layout=/sadbundle/%24csp%253Der3%24/219301973080408064/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28594
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Fri, 23 Sep 2022 02:42:01 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 48F3 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:00 GMT
expires
Sat, 23 Sep 2023 02:42:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=509853208158296&correlator=1040665568934990&eid=31069634%2C31069102&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C160x600&ifi=6&adks=2598159836&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D19e2d9fdbae31907-2218b2732bce00d3%3AT%3D1663900920%3ART%3D1663900920%3AS%3DALNI_MZP3WD403S0g97nZkcArXhK9MfBNQ&abxe=1&dt=1663900920879&lmt=1663900920&dlt=1663900919813&idt=964&adxs=1410&adys=180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=120x-1&fws=128&ohw=0&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9956d0958fbb27dbb9bfa1ec2986a2817ffd0bd9338fde0680f802ffda951d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10091
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=731242311&t=event&_s=1&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&el=subject&_u=aEDAAUABAAAAAC~&jid=1197920998&gjid=1095215418&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&_r=1&gtm=2ou9l0&z=665635872
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=509853208158296&correlator=1040665568934990&eid=31069634%2C31069102&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_W2&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400%7C240x600%7C160x600&ifi=7&adks=4241361621&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D19e2d9fdbae31907-2218b2732bce00d3%3AT%3D1663900920%3ART%3D1663900920%3AS%3DALNI_MZP3WD403S0g97nZkcArXhK9MfBNQ&abxe=1&dt=1663900920940&lmt=1663900920&dlt=1663900919813&idt=964&adxs=14&adys=1577&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=240x-1&fws=640&ohw=0&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44b6fd757136eaca04ede9b88edffc5b778f71a5455f61ad0b36ff947f867352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10806
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=509853208158296&correlator=1040665568934990&eid=31069634%2C31069102&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_am_co_S1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C750x100%7C728x90%7C750x200%7C750x300%7C580x400%7C360x300&ifi=8&adks=3087128496&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D19e2d9fdbae31907-2218b2732bce00d3%3AT%3D1663900920%3ART%3D1663900920%3AS%3DALNI_MZP3WD403S0g97nZkcArXhK9MfBNQ&abxe=1&dt=1663900920948&lmt=1663900920&dlt=1663900919813&idt=964&adxs=636&adys=445&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=336x-1&fws=644&ohw=1086&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56ba0c3f8fae20a4ab419e0dd6dd251ce4c2d9cc5dda63347c8210ad2d17614f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9899
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
170ccb23b389a28270eb233be30f74f063a8cfe8bf35dc74fb9355f451d3b76f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54582
x-xss-protection
0
server
cafe
etag
9841586815737619332
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 02:42:00 GMT
truncated
/ Frame 9ADB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed8e182f07835798f8c0809c9752432d474be06e01d1b76c6edb461dd9da2fdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
allowed_url.php
targeting.vdo.ai/ 		19 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.vdo.ai/allowed_url.php?type=json&url=subject.com.ua%2F&tag=subject&domain=subject.com.ua
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.105.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fcafe88499c819fe0437001cb6fcee51d0e200f938efdff94c62fe891833fd6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njE1lWRxqy%2FR5bO4C%2FtvewSWP%2Bs5lAUt3%2Fi2t3H8E%2Bk5GkeM0i%2BmV1sjWb1S6RlDf55q84YB4COIahjSRvEZyWkf%2FnO7cy75y6UtSJUvXtXu0%2FxIeyXRXRApEFwhx7JDwaaZ"}],"group":"cf-nel","max_age":604800}
cf-ray
74efecb70fe37783-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=pageview&_s=1&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=1377854140
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25415
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/ Frame 7D22 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2007
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:08:34 GMT
etag
9671129459699598864
expires
Fri, 07 Oct 2022 02:08:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/ Frame F579 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2007
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:08:34 GMT
etag
9671129459699598864
expires
Fri, 07 Oct 2022 02:08:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 7D22 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 02:00:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 23 Sep 2022 02:42:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Sep 2022 02:42:01 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7D22 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 00:38:24 GMT
x-content-type-options
nosniff
age
7417
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 23 Sep 2023 00:38:24 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7D22 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 23:53:04 GMT
x-content-type-options
nosniff
age
10137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 22 Sep 2023 23:53:04 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 7D22 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
650b0d89118580fd96419aa8b05d77a9f8bb927f41c848fe784e15134affb9af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:14:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8220
x-xss-protection
0
server
cafe
etag
2919620596669342719
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:14:17 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2118017991491662970/ Frame 7175 		56 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2118017991491662970/index.html
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a4080a21613d4e61af67e3a64c458d61d296eb1baad8e586b065710e2f15f28
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
557703
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20640
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 15:46:58 GMT
expires
Sat, 16 Sep 2023 15:46:58 GMT
last-modified
Thu, 10 Dec 2020 08:33:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame F579 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CWQl0-BwtY_ypG_fO7_UPotKyuA2utMvFYIW83P_kDP_1kOPXAhABILCesgNgu4aAgNAKoAHejoqFA8gBCakC0UutODjlsj6oAwHIA0iqBNcBT9Czz_ZFJcTA3eJbqcPwaCXvw_niuhP9RctVXeyjf2efZ-isTVT1h7MPTeRMZTaqpD7xaaDYZEOi1HNFxxBEEtLch9pktk21dUVeNLbtgY5RpEMMNFoOFEv1upVtHmu4pY9VdRmooUquXfvtdtrMIujupStpdycPFcSuNk9BSvwpEecqLWRP0rUvBYYs6TLK4eAbm5MnpxPcIgCOdQHiAUjxl-xgkvCHTffTYb46_aBJS4Y7PD8FzYpQoulE5xDh2l7M0YIpEIZCnAZpe7zvpDRHUgod8LXABLfqsLCtA5IFBAgEGAGSBQQIBRgEoAYugAeK8fV6qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQsNch0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMjA2MjQ2MzAyMjU5MzQ4MhgA&sigh=mnwjRkElB8k&uach_m=[UACH]&template_id=419
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 23 Sep 2022 02:42:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame F579 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 01:42:20 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame EBBC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1663900920&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663900920185&bpp=2&bdt=372&idt=145&shv=r20220921&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2576454272549&frm=20&pv=1&ga_vid=829982774.1663900920&ga_sid=1663900920&ga_hid=731242311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767668%2C31069633%2C42531706%2C21066428&oid=2&pvsid=509853208158296&tmod=1591476703&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Edj8tPDEhY&p=https%3A//subject.com.ua&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 23:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 23:30:01 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7175 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2118017991491662970/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 23 Sep 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7175 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2118017991491662970/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86453ecc16f6b785226ee9203819ea6bc46dc79171c51ed9605e3e2662281704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 09:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13228
x-xss-protection
0
server
cafe
etag
10485928763175976200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 23 Sep 2022 09:36:20 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7175 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2118017991491662970/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 02:42:01 GMT
css
fonts.googleapis.com/ Frame D766 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 01:56:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 23 Sep 2022 02:42:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Sep 2022 02:42:01 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame D766 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:01:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame D766 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 01:42:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame D766 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:18:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame D766 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 01:44:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D766 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 02:42:01 GMT
b6810b6596f7ed55ed76c68d0358aca1.js
www.gstatic.com/mysidia/ Frame D766 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13684
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 21:38:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 20:25:22 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1BBC 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1832
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:11:29 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame F579 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:18:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame F579 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 01:44:55 GMT
container.html
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8010 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:00 GMT
expires
Sat, 23 Sep 2023 02:42:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F579 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 02:42:01 GMT
truncated
/ Frame F579 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c306e28e0bee813d17d19f7762208b259bf3075f7d87f218df4c4d1c72b518a0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1BBC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:01 GMT
expires
Fri, 23 Sep 2022 02:42:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:01 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Sep 2022 02:42:01 GMT
13f3f09bfb49b566c7b639b7608c1c0e.js
www.gstatic.com/mysidia/ Frame 8010 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/13f3f09bfb49b566c7b639b7608c1c0e.js?tag=client_fast_engine_2019
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4281
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 21:38:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 20:25:22 GMT
6177df1c8e2588b16bf406f80fb0d785.js
www.gstatic.com/mysidia/ Frame 8010 		135 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6177df1c8e2588b16bf406f80fb0d785.js?tag=video_location/awx_web_square
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
486903c47908c435a7ce9ab2ada3b762fe737040f0f6b3656c188d86d283c433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 22:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51418
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 21:38:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 22:01:01 GMT
css
fonts.googleapis.com/ Frame 8010 		4 KB
816 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 01:43:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 23 Sep 2022 02:42:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Sep 2022 02:42:01 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 8010 		225 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
age
55835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14085932017949564970
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 23 Sep 2022 11:11:26 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 8010 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:01:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 8010 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 01:42:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 8010 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:18:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 8010 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 01:44:55 GMT
l
www.google.com/ads/measurement/ Frame 8010 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTazEpPnO3P3psCA0Y_W_6EaaFrM3MjH5YWE8HEf4Isji1i8pD07SgilkNVcDWHwvR3rIW4Q43PSO4ZpIpJ-jNWu0ms2Q
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8010 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 02:42:01 GMT
b6810b6596f7ed55ed76c68d0358aca1.js
www.gstatic.com/mysidia/ Frame 8010 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13684
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 21:38:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 20:25:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D766 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20220921&sample=0.01
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:01 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
vdo.player.js
a.vdo.ai/core/assets/ 		651 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/assets/vdo.player.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.104.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
cf-ray
74efecba4fe7776e-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Jul 2021 13:25:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEJ2A5qRa5Ixa10FX9Or8S37HzZUlxrsAjzwZdERowpcvyE9GdLFUWl%2BdY9XH3i%2BK81IDz2wndm%2FHhebH3JogYlEC1Wl6gedYARdLuFxX7OcZ%2FIcDQkgQ6SirQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
7119973 7212226
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
rtb_v6.24.1.js
a.vdo.ai/core/assets/ 		450 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.104.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f48cb3b87eb20bd424c98e36cf7b228f52239e5b9265ecf20b4f8598407af88d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
cf-ray
74efecba4fe8776e-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 01 Sep 2022 06:21:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stKpZRWW3qfPkdxHX3AqwyifN%2FcvyR0Px9HdKK3k13036SLZiwmnLh5kCvfR8i5kGvB9SpgNDp2S0UU94jiDgxbkrdN06TKnMJovKmsRzYPfLmxvpDBrVqpghw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
7213474 6185385
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=event&_s=2&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=1491020148
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25415
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 71F8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 23:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 23:30:01 GMT
csi
csi.gstatic.com/ Frame 8010 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l8dvnbxa&c=7601966334924&slotId=3800983167462&qqid=CIOG1frxqfoCFZJP4AodjoIOjQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=sc&ulv=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/6177df1c8e2588b16bf406f80fb0d785.js?tag=video_location/awx_web_square
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:808::2003 Highland Park, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
584745739125864048
tpc.googlesyndication.com/simgad/ Frame 8010 		309 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/584745739125864048
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745f2f2980e34ebf4f6f8ec05be85519f0d2239e72d15730105d8a349a84771f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316779
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 22:10:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Sep 2023 02:42:01 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8010 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtUOc-BwtY4OqOJKfgQeOhbroCIqt8bpm4sH0ipUPoJaA7JACEAEgqoDDImC7hoCA0AqgAenc0JsByAEJqQI2l0hHf-KyPuACAKgDAcgDSKoE_AFP0Km2yA3FyjThQLkSV5miSQz3vk5Jto0enX7DVlXbpsteOqIj2w4nMagPNHaz9jNd3OjeJcvzjae5P5QwC6N3HpK4S1UH4aHTJd-H14bP9RtvtWjO8x331a0eJcv2W4WLGsPkDTzYWa6zIag0Ef1IRmUe8PnbAtbl_GMvEoNgOcqmXZcDwOP1kCgD6QBD_dWE3UPx0NNl0oNUOXhKIrQQjx9OogQl1XKa3AxWqWdO8yMITMyfZGSU1eIJh6h5IRcaeiouBseD6MzzvTicymYootvFGCoaBCe7nmbE4RjmeIAWJF9tEzr6bu4TQ_WY8LakkgGDIjzkIRFaan7ABM7T7eTeA-AEAZIFBAgEGAGSBQQIBRgEoAYugAf_oq_kAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKWKFdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIzgAoDyAsBuBPwC9gTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=u3XR6g-R1LQ&uach_m=[UACH]&template_id=1520
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7AC9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
62316
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 7175 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 23:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 23:30:01 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Sep 2022 02:42:01 GMT
container.html
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 709D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:00 GMT
expires
Sat, 23 Sep 2023 02:42:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8010 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2da90c8f84fabae377d21f899696fc7a0ba33f0716189ec1f738605f815952e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
videoplayback
r1---sn-aigl6ns6.gvt1.com/ Frame 8010
Redirect Chain
  • https://redirector.gvt1.com/videoplayback?id=6afb36db5396b215&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1663908121&sparams=ip,ipbits,expire,id,...
  • https://r1---sn-aigl6ns6.gvt1.com/videoplayback?id=6afb36db5396b215&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1663908121&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
923 KB
923 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigl6ns6.gvt1.com/videoplayback?id=6afb36db5396b215&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1663908121&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=22AFA8DC60AD7E399F2D0553253748A3046ACD08.5F3AE9A65C182FB2576A5EE565992681B46CBF88&key=cms1&cms_redirect=yes&mh=jh&mip=2001:ac8:21:e::8&mm=28&mn=sn-aigl6ns6&ms=nvh&mt=1663900589&mv=m&mvi=1&pl=48
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4009:4::6 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
06098f549be54d29962bd7d34bdd3b8860559cd87614b57317586ae1f3f15a89
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Jul 2022 13:31:30 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-945375/945376
client-protocol
quic
cache-control
private, max-age=6900
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
945376
expires
Fri, 23 Sep 2022 02:42:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:01 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-aigl6ns6.gvt1.com/videoplayback?id=6afb36db5396b215&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1663908121&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=22AFA8DC60AD7E399F2D0553253748A3046ACD08.5F3AE9A65C182FB2576A5EE565992681B46CBF88&key=cms1&cms_redirect=yes&mh=jh&mip=2001:ac8:21:e::8&mm=28&mn=sn-aigl6ns6&ms=nvh&mt=1663900589&mv=m&mvi=1&pl=48
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
703
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8010 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 20:35:41 GMT
x-content-type-options
nosniff
age
108380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17204
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:04:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 20:35:41 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B0CB 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmZKBDJv5SCAhj_hOrTATAB&v=APEucNU1GgYPn1bBQUq2TDWxZAdzM3tMUduwV8fjuRBrqWZlPOlWiH9QLEUQsHl-Fi1xiIWz5ESbmrwnItTsBVKkq073xf6GZBxAW7G-s1dXo6mCnD0udyuRJ4U9Dzvr6hnDv7OgqKQvK9C89LSDwIIuEbv3GiAL_QwlIOhxj-3ZV4wmvZ8WXbXF59IirMMB3g5T4cqWbCz-totULNT50i1-VG9r7x8rKA
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 709D 		95 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AV6GTTbSuZccbOhcbB-Rzd4gcX1ZLVIMbPZZc57mY6CQZNEWNdelHILNHsfSASUx0IEU3-l9Nv9OoJuENpnchfvNMYvLfLvewhdabXw6J8Sn3gZxzdnGvMNoUvW38hhsg03CzJTgSJHQ32UeslBh0aHaOi-w&dbm_d=AKAmf-BKvgyzEnNGUcGYyN4cbCL1HGEDdXw0ZhHZAFVGWnee-USbnrtYTW2gDxDZNIh_2TQRUZy22agegUIKViVbYXxYwpjKntrLB2uLyhSyLCkzK_x_ZSe77AWF6mBEjSRRTttuXOiEm03nG-MIUZvPkZ1qLkWqBMI55rkOAlZAjpRNihBb6dxCVJCWsaLnNjD1wleyovjzVmvzZQUC5qix1BiVRUQgezU7KoxGggXurU8Dcycf1Yc0MM1PLLu7gFChCjHcDncPF46OThTQ2nbLAW50ptiMCnhT-YA8BnoXJt7-yI18UfbOxpNpiwfF9H3DKhcUEKN1e63bQ67ZV6Gf0SKdm2TDW-vqYmhAPWqN8LDlUfZLs4U3T5e0YFhhvZH1EhJEYgbGCKDNEMWjw_TaedCJnequB_ITLnJDPHhvU1IQPDQKE9AWR3OS5RrB0gwuyhKj4iRJkaY3Db41HtnP5PVhOBo1h3rkiApDGPfHBdMFja9BMEuLRAqSiQa4Iah9wTuaLf3ttzWvePLQs5bWH6NgCuSzEZUBbanq37oFUr1Ht3VD3c0GiZOeDCpNPZrRbkG0s3Tf-gFBv9rQRAYLlxUAyWTqGNY7WdVltgBI6zwgMgFHPOp4SbN6tCGnzkVi8SF3NmyxJteDK6DXX4KIV7v--zaTCGmMbsfZFx0fDVjf4o7rMFjwx807vWaKN9nLC9Qo0_Is4x5hGA-z1CHU2_THxMqDQARdMwE7iQX9k8xV_Z-fNpPlFtYrUOn6VDSKDi7aJ4q6MTDNKC6qcNR99Wl6NVDKzGp1eAOJOjTDwN7Ocw65DXHDv807n9VXDVruwleaVqOvLooMWfnJ0oEXm9Jbo4z__HeJDPygkBDerxp9Pomor-lBJ6v7GtBhp2TBZ1b6cFHsJCO-RtfJSTPL4Sx5jx7cTLi2VowQwVUI2iebDhiGLlwqweOgiRVr24EhrPL4BonUM2CzrQZ7hOnvKEolJwkkZC0Iw7JQj8xbLIWC8ies_lSHtWTv_YGOlQL2zcQSuFBCcecyVkYVSza1PzhzZ6wOKvHh46VxxosEXHziPH8mQFg2E4LgIJnjqfnElOCOV0HdpmT4CUxNd-O89NxagBmkLqrpnz5ZyYhrZTuIuf5pt9M221MqorHg8BAaOWQ0ekJ-xSEpJ9v1kQSdYXX3oNFPQi15bWbHbocl1tofk78j2OCx0DhaYhrBoStoZGkA254k3RShjesjKLkdCGaEsbSJuPL5FHjviVaWx7wjXE3RTOMH0L9iZEYTL53bZ_9FACT77dtRFpbKqLFTo6gfPYlmx7C6GK3qyByY6Ydozu-l2m6YKuA3EkW8o-jPaVael7EYpa-09zHgR13CtY2tXyFfEy6Pi7Ve4CkQdHSc9cGXBKbHDsibIfpH24ZsEPWvWZwgAAYUiCgIDLCyAy_jPu8KgElcxktSAme6sqYPg4DHWE9zFeAnOU8b5iAOEdPFVNXftzQAs73QPITLNHO_uiwIPLAKIaKyNg2CMLZ03n1GyJJsOviNeVFs_popflcSvuxOlwzVIvbSKdlXM10LEdTk1Pk6mxf0nZz0_fQIC02rVuXyU8KZxCQ0a7V2H1tM77frQ2Am-OPQVlDqi0-4WBdcQ0qeUN2LUmExNGY1QPbwnwV1T_qvHiVxHvilIsYyXPpPpzXEjigi50CZ5Bdkbx9EVHPhJLzEanZHkuaAk7vLmqQfAovAawMJCum8N-TVg6KibAPUPpAVTmR5p2F1o_rmiMpRsjPrlF1KAdSzbh137CqH6MU2Fb3HfeKtUwCqRo7mRnsTawsOMdWmYRHQqO0ZKOzD2wAQDGIp4t0FvMKHM4lS4Sc5li-55Agge-sZpWbLQxiNd5x2F5HgIJB6_6xYlV5bCAtY2QbxnE9T-vhYUoESSo_i5Z25m7u9BwuSvDTAJK4eC3nISkuiZ5TkTV6PdG8qQ4rR_7Fwuu2jiVjKl_TY_GXM6GxyBE6fWiExzcKEDH5puJlaM9E1ujQoS_T7xffIRbSVMbfi6DxzasPJshFE1iFdNf5-8_1qxrgMiBRrHaYZoq6g6CqalyVs216-KhcP0kiUNieSrHbjG_E3vDzcPk99Y8Mx60kng6qiFui8ruIahDO2jO9vC7BRC4dqkpZmDvbtma_fiHAiRHoTtzrz4IeS4-Tv-s2z9O-KfXFnXCqehVaUwvblb7QB3E9t2x75kad3YxMX45ti4-0FiWmJcBdb_8QOtkbccLGX0RlubJGwhXqj7c4FUs7DDDnaOp8sUXzEaXRAm5LfnkVDXca6falwUb4e8mZ-5-JeLRIWctLP7MosJdJitE6plN0jZjgRjANG1rbmLmEITA6z_EeA_meoLJ18DKuJlzDuThrhcjR34FUE6xjWHyAtaMzqno02x2ZhIA-s8N1vidzSEmzYpF0SPAcToXl6FgUWRP3C4bAccRv_lwUH8qe7n61ZXw0CpgkJHC4I7dPIJg2j9l3bLrGAB7kNo153zogt9LxsjBdAyd51DeVOsunihxcQM0N2JSp5Zl0IkkeqdjbxLR_9WzadDKB5Rdtus4fWtZlb-cQSKWgS8RUvCrfte3NiE9_RKecJu5DHEeiVfCV676vH4QuLGwwLt_-GHy404B2xsuwYQA6PDr1RHlCRgC8KjuqZF_OTHdAysocC9kocQa9SxCJz0cNbCe3ot4-oqvvA0-3FT_2We-qMLRMHzVSx0u7aSi4Rk6kduC0Q__zNoUPRwT-RNTBRblp8TAxOiJI_baBt3YWO6mlsoyjIO37o2D869ysnddLLV2gXGvjiJ-rU4oyZHVAgoxNNBkIsdLf_NDcbAXWKE2knQf36H_z1Yj_tb1qKlmG4Qt8o1I-P4RmK3Ov_isVKtnLmNPxzm_fVjzIfLJNOxwDyUAqxFGaJKdwoRxxtHQhevj6PQiEv4ulzMYT54eEArLIDK--Zss4T0az_m9GOj1hP8rozq-eH_amzWod43iFdGk1NTzF4N6oy9vhr2Po0uuqjez9cBRGGoZzFgXAOzUhJLHYMW5vk41CeZtvTFb68G9YMzWiZbPffbBpaqS2rOyZAM0CPb5lkqy7ofVksgi28R0wWUN5yPUYiMtF56-BaeacVAO1LmIHqrfuHvj6MNgo2XF-Y0lDP0ixusRV70b8EO-wpWidY40azCVxfWoErN-OGI8QHel96iXEIMe0QrDDUsLwYYzso49nWuccjmB5IIemEugVcl7DWhX_wKST1GabAh0iLwq6AR9VaGdWQDL1mHELAd6lmS0wRJXR-DUL5Wxv-9qxuh2bPmdDomehKfF1jj-ngpXNgAMrAiYqNXUS3ErFzMd5MVPrZj3u8SVnwZXwp6EMWGJ2vvRd5LpmuqJkKaIO-BZHqngxfNi081AkBT4knOBCEBtxs2O7wvq4O3MYxZzApg0yp_yvIMFPkMwEi35GkzCui9QmzepC-vP3TIqlnWWq4MuvpN20la4h89tJHrgQk3A7s5DYDMr5UtXXQxMDcDpwiCYLCRO86xFPKqLRZ72txLc87IBcCeZQq6YRaKX3dTA&cid=CAASJORoQ-itmZ4Xr_Q0xZmJnUPh5p7DqJ0elhZz-1FHxAkE3d46Hg&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a3ac82434719cb8f0fb33f1918435c35d7e5d8e1b8656c57814e3dc085f7244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 709D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTRJAMIwyQu3zaitgZqRRb5mViIKl8pNhN6mGZofz-DjoduNYBX0TyKY_sG_okZtN8_VK77AVLn49ujc1UAoKGfjNCDBGq3_L7bcAQNWhCzw52LeY
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 709D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:18:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 709D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 01:44:55 GMT
l
www.google.com/ads/measurement/ Frame 709D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQ-62k0YeCKjP0XGENPGrc67JkUOY07xs0Y7l72mQrh8jvqYQOsY-7WL8XZZttMzBM9qNAYpgg1SEcOAS6S9g6fVmyAw
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 709D 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 02:42:01 GMT
i.match
s.tribalfusion.com/z/ Frame 7AC9
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPahNw0w91zshfgrwQJgYh8&google_cver=1&google_push=AZmPxg-g0RLSRaL39MrWH8y4Th267yBp8sN7msHWQ4BWIS5xBERKpQwo64FIYNvSfUBFtLkycebXL28RKLT1iIM9u9rRF-6mOPzrm...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPahNw0w91zshfgrwQJgYh8&google_cver=1&google_push=AZmPxg-g0RLSRaL39MrWH8y4Th267yBp8sN7msHWQ4BWIS5xBERKpQwo64FIYNvSfUBFtLkycebXL28RKLT1iIM9u9rRF-6mOPz...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPahNw0w91zshfgrwQJgYh8&google_cver=1&google_push=AZmPxg-g0RLSRaL39MrWH8y4Th267yBp8sN7msHWQ4BWIS5xBERKpQwo64FIYNvSfUBFtLkycebXL28RKLT1iIM9u9rRF-6mOPzrmg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-g0RLSRaL39MrWH8y4Th267yBp8sN7msHWQ4BWIS5xBERKpQwo64FIYNvSfUBFtLkycebXL28RKLT1iIM9u9rRF-6mOPzrmg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74efecbc1bfff437-LHR
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
42
cf-ray
74efecba4b56f437-LHR
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPahNw0w91zshfgrwQJgYh8&google_cver=1&google_push=AZmPxg-g0RLSRaL39MrWH8y4Th267yBp8sN7msHWQ4BWIS5xBERKpQwo64FIYNvSfUBFtLkycebXL28RKLT1iIM9u9rRF-6mOPzrmg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-g0RLSRaL39MrWH8y4Th267yBp8sN7msHWQ4BWIS5xBERKpQwo64FIYNvSfUBFtLkycebXL28RKLT1iIM9u9rRF-6mOPzrmg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7AC9
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPB68jUnr3vg4KIPLpaeAFs&google_cver=1&google_push=AZmPxg-y-AKczAdGEtwk7dVkYAyanfijVdMPfA9pKOJq8y_u5o_qZmWGFEfb2w3u4MzpXxhrzrO27ylFwWB_l9UG...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-y-AKczAdGEtwk7dVkYAyanfijVdMPfA9pKOJq8y_u5o_qZmWGFEfb2w3u4MzpXxhrzrO27ylFwWB_l9UG7gEI_ESCQ6cOtA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-y-AKczAdGEtwk7dVkYAyanfijVdMPfA9pKOJq8y_u5o_qZmWGFEfb2w3u4MzpXxhrzrO27ylFwWB_l9UG7gEI_ESCQ6cOtA
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 23 Sep 2022 02:42:01 GMT
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-y-AKczAdGEtwk7dVkYAyanfijVdMPfA9pKOJq8y_u5o_qZmWGFEfb2w3u4MzpXxhrzrO27ylFwWB_l9UG7gEI_ESCQ6cOtA
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
WsXSsDS4VwqLnmR2u1WCvEM76twu4i6WGwowZKGBgV2PdHuye3QTQQ==
pixel
cm.g.doubleclick.net/ Frame 7AC9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg85uXjAMQyK0F58ADSY4aTyqnH2hhQAUpqoMPcTJgIBzBO3mJLP5nPnVY3KvX8xQ0VjkSp_EJunJmfsR6Cx48DTyp_GfkUgRA&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-e7c901be-7ce7-496f-a528-c7bc2ccf1492-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg85uXjAMQyK0F58ADSY4...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg85uXjAMQyK0F58ADSY4aTyqnH2hhQAUpqoMPcTJgIBzBO3mJLP5nPnVY3KvX8xQ0VjkSp_EJunJmfsR6Cx48DTyp_GfkUgRA&google_hm=A-fJAb5850lvpSjHvCzPFJI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg85uXjAMQyK0F58ADSY4aTyqnH2hhQAUpqoMPcTJgIBzBO3mJLP5nPnVY3KvX8xQ0VjkSp_EJunJmfsR6Cx48DTyp_GfkUgRA&google_hm=A-fJAb5850lvpSjHvCzPFJI
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg85uXjAMQyK0F58ADSY4aTyqnH2hhQAUpqoMPcTJgIBzBO3mJLP5nPnVY3KvX8xQ0VjkSp_EJunJmfsR6Cx48DTyp_GfkUgRA&google_hm=A-fJAb5850lvpSjHvCzPFJI
date
Fri, 23 Sep 2022 02:42:02 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe7c901be7ce7496fa528c7bc2ccf1492003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 7AC9
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG51gS0Xs7sEn6_h-eUBvEE&google_cver=1&google_push=AZmPxg8MAaXg8ApWKWZUHMetYM1joslfUOBrxZi9arDy-d-DmVONAYKpISR9NDama8xW_1f2RJeB_do7E26uToEsJ_6u3c8PRE...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8MAaXg8ApWKWZUHMetYM1joslfUOBrxZi9arDy-d-DmVONAYKpISR9NDama8xW_1f2RJeB_do7E26uToEsJ_6u3c8PREn...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExNjM3NDAyNzg4MTcwNjE0NDY2Mg%3D%3D&google_push=AZmPxg8MAaXg8ApWKWZUHMetYM1joslfUOBrxZi9arDy-d-DmVONAYKp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExNjM3NDAyNzg4MTcwNjE0NDY2Mg%3D%3D&google_push=AZmPxg8MAaXg8ApWKWZUHMetYM1joslfUOBrxZi9arDy-d-DmVONAYKpISR9NDama8xW_1f2RJeB_do7E26uToEsJ_6u3c8PREnydg
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExNjM3NDAyNzg4MTcwNjE0NDY2Mg%3D%3D&google_push=AZmPxg8MAaXg8ApWKWZUHMetYM1joslfUOBrxZi9arDy-d-DmVONAYKpISR9NDama8xW_1f2RJeB_do7E26uToEsJ_6u3c8PREnydg
date
Fri, 23 Sep 2022 02:42:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
rtb2-useast.e-volution.ai/ Frame 7AC9 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEDEP_mJD6J0faNy6exFD8Fo&google_cver=1&google_push=AZmPxg_o-80Kx00xLQMANhPMnZNC7GieUnWZuuuxblM4Fm9LrviJ06Kz1-7vIcJBavA_kUWwSt4elco1dlshA2JoaeeLfChOUzKkwxg
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:02 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 7AC9
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDpAV_nTNRG_j1mzTG5ECTc&google_cver=1&google_push=AZmPxg8N6l9ETWNdxEZC252cH1rx7Snw7RBYDBCccV28zxIVXtKntjwBfuS7Ah8ma8t87yZz7ziSkn7P7HyV1uNYQWc4tqU...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg8N6l9ETWNdxEZC252cH1rx7Snw7RBYDBCccV28zxIVXtKntjwBfuS7Ah8ma8t87yZz7ziSkn7P7HyV1uNYQWc4tqUp2-wZQjg&google_hm=NTgzNzQx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg8N6l9ETWNdxEZC252cH1rx7Snw7RBYDBCccV28zxIVXtKntjwBfuS7Ah8ma8t87yZz7ziSkn7P7HyV1uNYQWc4tqUp2-wZQjg&google_hm=NTgzNzQxNDE4NDYzMzIzMTU0
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg8N6l9ETWNdxEZC252cH1rx7Snw7RBYDBCccV28zxIVXtKntjwBfuS7Ah8ma8t87yZz7ziSkn7P7HyV1uNYQWc4tqUp2-wZQjg&google_hm=NTgzNzQxNDE4NDYzMzIzMTU0
Date
Fri, 23 Sep 2022 02:42:02 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
spacer.gif
an.yandex.ru/resource/ Frame 7AC9
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESED2f6zVWxpe1jkzJR9x1mUs?ext-param=AZmPxg-pBHiB-kfFdxLiJrCU9U1Se8YDoVAJ2sRyhEHU0IA1u9vcbGtG9cq-Sc1JFDO37S2W1_8T8WWBjbnvAsdowVdwFcXhefBWYA&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESED2f6zVWxpe1jkzJR9x1mUs?redir-setuniq=1&ext-param=AZmPxg-pBHiB-kfFdxLiJrCU9U1Se8YDoVAJ2sRyhEHU0IA1u9vcbGtG9cq-Sc1JFDO37S2W1_8T8WWBjbnvAsdowVdwFcXhefBWYA&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESED2f6zVWxpe1jkzJR9x1mUs&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Fri, 08 Sep 2023 02:42:02 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7AC9 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0T84Ip7wZIe4bAJM5IXl5RiFmuMbf_wpL2iTmcMa_KAAbhQiEGENeTVBwPksDXgYkQ44j6hTY
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rum
dsum-sec.casalemedia.com/ Frame B0CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2ksyaHNesDwMLf3tr_e5g&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2ksyaHNesDwMLf3tr_e5g&google_cver=1&C=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2ksyaHNesDwMLf3tr_e5g&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmZKBDJv5SCAhj_hOrTATAB&v=APEucNU1GgYPn1bBQUq2TDWxZAdzM3tMUduwV8fjuRBrqWZlPOlWiH9QLEUQsHl-Fi1xiIWz5ESbmrwnItTsBVKkq073xf6GZBxAW7G-s1dXo6mCnD0udyuRJ4U9Dzvr6hnDv7OgqKQvK9C89LSDwIIuEbv3GiAL_QwlIOhxj-3ZV4wmvZ8WXbXF59IirMMB3g5T4cqWbCz-totULNT50i1-VG9r7x8rKA
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecbc4ff372bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EF25zau4XGtg6gi4E2ZG9MkODOtKUH15YH1O20pGHB1i6jaSdkbZx4QSv6RXBK%2Bly9okmriXVUopVQiWtYFignMkK9CQjv1gQCBShXLZiMJiRuoLWDkiS7%2FHm1szbar0m7FRSYr6sxgOEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Xj%2BA26s4Tapn9yMgFUfv91Ohp%2FtmdXDHSF4F9RT6NHsLeqzPpt5Moe%2BliEWZZmsQvXqHtEeXGE6X1MwndJ1AM5fDYLluqB9DuwGWtuRLrvPyfvlu2LlGnNrEDbDpvHK%2FG9OdrBVm7eDpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEI2ksyaHNesDwMLf3tr_e5g&google_cver=1&C=1
cache-control
no-cache
cf-ray
74efecbaeb54d184-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame B0CB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy0c.o4NIzgj8LvklyoAUwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2ksyaHNesDwMLf3tr_e5g&google_cver=1&google_hm=2
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2ksyaHNesDwMLf3tr_e5g&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmZKBDJv5SCAhj_hOrTATAB&v=APEucNU1GgYPn1bBQUq2TDWxZAdzM3tMUduwV8fjuRBrqWZlPOlWiH9QLEUQsHl-Fi1xiIWz5ESbmrwnItTsBVKkq073xf6GZBxAW7G-s1dXo6mCnD0udyuRJ4U9Dzvr6hnDv7OgqKQvK9C89LSDwIIuEbv3GiAL_QwlIOhxj-3ZV4wmvZ8WXbXF59IirMMB3g5T4cqWbCz-totULNT50i1-VG9r7x8rKA
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecbd988172bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yl9HGQRwOwtvC9coQOCGEanDAzdXZuC%2FqocXVBtL2ZaxrFrd20qHY60m3F%2ByfV0tqg3UokAjIu5aYOIyuq4rCXT7c0ezcUfsUljli8hAy1QW3c%2F%2F8RpTjDgTYK937qCaZ9e0FwSJ4QK2Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2ksyaHNesDwMLf3tr_e5g&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B0CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBVTw7W0HiKEP5foVx0XZsY&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBVTw7W0HiKEP5foVx0XZsY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmZKBDJv5SCAhj_hOrTATAB&v=APEucNU1GgYPn1bBQUq2TDWxZAdzM3tMUduwV8fjuRBrqWZlPOlWiH9QLEUQsHl-Fi1xiIWz5ESbmrwnItTsBVKkq073xf6GZBxAW7G-s1dXo6mCnD0udyuRJ4U9Dzvr6hnDv7OgqKQvK9C89LSDwIIuEbv3GiAL_QwlIOhxj-3ZV4wmvZ8WXbXF59IirMMB3g5T4cqWbCz-totULNT50i1-VG9r7x8rKA
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:02 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9cb01c2f-a9cf-4879-9c4f-1b9bb48b83b5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBVTw7W0HiKEP5foVx0XZsY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B0CB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxNzY3OTI0OTU3Mzg3NjU2Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxNzY3OTI0OTU3Mzg3NjU2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmZKBDJv5SCAhj_hOrTATAB&v=APEucNU1GgYPn1bBQUq2TDWxZAdzM3tMUduwV8fjuRBrqWZlPOlWiH9QLEUQsHl-Fi1xiIWz5ESbmrwnItTsBVKkq073xf6GZBxAW7G-s1dXo6mCnD0udyuRJ4U9Dzvr6hnDv7OgqKQvK9C89LSDwIIuEbv3GiAL_QwlIOhxj-3ZV4wmvZ8WXbXF59IirMMB3g5T4cqWbCz-totULNT50i1-VG9r7x8rKA
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:01 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
073eded9-e836-4ef8-939e-61c9bb40bbea
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxNzY3OTI0OTU3Mzg3NjU2Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 96A7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:00 GMT
expires
Sat, 23 Sep 2023 02:42:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1153048/65870243/ Frame 709D 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1153048/65870243/skeleton.js?ias_dspID=3&ias_campId=1009216945&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=18381994235&bidurl=https://subject.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hE2Ya_qve9peOXC3rY2QFN
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.137.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-137-235.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0b5181c774ee6ddea0f647ebfe46cc19ff323577a057c8140cf1e1578eee5161

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 709D 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Origin
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 11:21:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 709D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AV6GTTbSuZccbOhcbB-Rzd4gcX1ZLVIMbPZZc57mY6CQZNEWNdelHILNHsfSASUx0IEU3-l9Nv9OoJuENpnchfvNMYvLfLvewhdabXw6J8Sn3gZxzdnGvMNoUvW38hhsg03CzJTgSJHQ32UeslBh0aHaOi-w&dbm_d=AKAmf-BKvgyzEnNGUcGYyN4cbCL1HGEDdXw0ZhHZAFVGWnee-USbnrtYTW2gDxDZNIh_2TQRUZy22agegUIKViVbYXxYwpjKntrLB2uLyhSyLCkzK_x_ZSe77AWF6mBEjSRRTttuXOiEm03nG-MIUZvPkZ1qLkWqBMI55rkOAlZAjpRNihBb6dxCVJCWsaLnNjD1wleyovjzVmvzZQUC5qix1BiVRUQgezU7KoxGggXurU8Dcycf1Yc0MM1PLLu7gFChCjHcDncPF46OThTQ2nbLAW50ptiMCnhT-YA8BnoXJt7-yI18UfbOxpNpiwfF9H3DKhcUEKN1e63bQ67ZV6Gf0SKdm2TDW-vqYmhAPWqN8LDlUfZLs4U3T5e0YFhhvZH1EhJEYgbGCKDNEMWjw_TaedCJnequB_ITLnJDPHhvU1IQPDQKE9AWR3OS5RrB0gwuyhKj4iRJkaY3Db41HtnP5PVhOBo1h3rkiApDGPfHBdMFja9BMEuLRAqSiQa4Iah9wTuaLf3ttzWvePLQs5bWH6NgCuSzEZUBbanq37oFUr1Ht3VD3c0GiZOeDCpNPZrRbkG0s3Tf-gFBv9rQRAYLlxUAyWTqGNY7WdVltgBI6zwgMgFHPOp4SbN6tCGnzkVi8SF3NmyxJteDK6DXX4KIV7v--zaTCGmMbsfZFx0fDVjf4o7rMFjwx807vWaKN9nLC9Qo0_Is4x5hGA-z1CHU2_THxMqDQARdMwE7iQX9k8xV_Z-fNpPlFtYrUOn6VDSKDi7aJ4q6MTDNKC6qcNR99Wl6NVDKzGp1eAOJOjTDwN7Ocw65DXHDv807n9VXDVruwleaVqOvLooMWfnJ0oEXm9Jbo4z__HeJDPygkBDerxp9Pomor-lBJ6v7GtBhp2TBZ1b6cFHsJCO-RtfJSTPL4Sx5jx7cTLi2VowQwVUI2iebDhiGLlwqweOgiRVr24EhrPL4BonUM2CzrQZ7hOnvKEolJwkkZC0Iw7JQj8xbLIWC8ies_lSHtWTv_YGOlQL2zcQSuFBCcecyVkYVSza1PzhzZ6wOKvHh46VxxosEXHziPH8mQFg2E4LgIJnjqfnElOCOV0HdpmT4CUxNd-O89NxagBmkLqrpnz5ZyYhrZTuIuf5pt9M221MqorHg8BAaOWQ0ekJ-xSEpJ9v1kQSdYXX3oNFPQi15bWbHbocl1tofk78j2OCx0DhaYhrBoStoZGkA254k3RShjesjKLkdCGaEsbSJuPL5FHjviVaWx7wjXE3RTOMH0L9iZEYTL53bZ_9FACT77dtRFpbKqLFTo6gfPYlmx7C6GK3qyByY6Ydozu-l2m6YKuA3EkW8o-jPaVael7EYpa-09zHgR13CtY2tXyFfEy6Pi7Ve4CkQdHSc9cGXBKbHDsibIfpH24ZsEPWvWZwgAAYUiCgIDLCyAy_jPu8KgElcxktSAme6sqYPg4DHWE9zFeAnOU8b5iAOEdPFVNXftzQAs73QPITLNHO_uiwIPLAKIaKyNg2CMLZ03n1GyJJsOviNeVFs_popflcSvuxOlwzVIvbSKdlXM10LEdTk1Pk6mxf0nZz0_fQIC02rVuXyU8KZxCQ0a7V2H1tM77frQ2Am-OPQVlDqi0-4WBdcQ0qeUN2LUmExNGY1QPbwnwV1T_qvHiVxHvilIsYyXPpPpzXEjigi50CZ5Bdkbx9EVHPhJLzEanZHkuaAk7vLmqQfAovAawMJCum8N-TVg6KibAPUPpAVTmR5p2F1o_rmiMpRsjPrlF1KAdSzbh137CqH6MU2Fb3HfeKtUwCqRo7mRnsTawsOMdWmYRHQqO0ZKOzD2wAQDGIp4t0FvMKHM4lS4Sc5li-55Agge-sZpWbLQxiNd5x2F5HgIJB6_6xYlV5bCAtY2QbxnE9T-vhYUoESSo_i5Z25m7u9BwuSvDTAJK4eC3nISkuiZ5TkTV6PdG8qQ4rR_7Fwuu2jiVjKl_TY_GXM6GxyBE6fWiExzcKEDH5puJlaM9E1ujQoS_T7xffIRbSVMbfi6DxzasPJshFE1iFdNf5-8_1qxrgMiBRrHaYZoq6g6CqalyVs216-KhcP0kiUNieSrHbjG_E3vDzcPk99Y8Mx60kng6qiFui8ruIahDO2jO9vC7BRC4dqkpZmDvbtma_fiHAiRHoTtzrz4IeS4-Tv-s2z9O-KfXFnXCqehVaUwvblb7QB3E9t2x75kad3YxMX45ti4-0FiWmJcBdb_8QOtkbccLGX0RlubJGwhXqj7c4FUs7DDDnaOp8sUXzEaXRAm5LfnkVDXca6falwUb4e8mZ-5-JeLRIWctLP7MosJdJitE6plN0jZjgRjANG1rbmLmEITA6z_EeA_meoLJ18DKuJlzDuThrhcjR34FUE6xjWHyAtaMzqno02x2ZhIA-s8N1vidzSEmzYpF0SPAcToXl6FgUWRP3C4bAccRv_lwUH8qe7n61ZXw0CpgkJHC4I7dPIJg2j9l3bLrGAB7kNo153zogt9LxsjBdAyd51DeVOsunihxcQM0N2JSp5Zl0IkkeqdjbxLR_9WzadDKB5Rdtus4fWtZlb-cQSKWgS8RUvCrfte3NiE9_RKecJu5DHEeiVfCV676vH4QuLGwwLt_-GHy404B2xsuwYQA6PDr1RHlCRgC8KjuqZF_OTHdAysocC9kocQa9SxCJz0cNbCe3ot4-oqvvA0-3FT_2We-qMLRMHzVSx0u7aSi4Rk6kduC0Q__zNoUPRwT-RNTBRblp8TAxOiJI_baBt3YWO6mlsoyjIO37o2D869ysnddLLV2gXGvjiJ-rU4oyZHVAgoxNNBkIsdLf_NDcbAXWKE2knQf36H_z1Yj_tb1qKlmG4Qt8o1I-P4RmK3Ov_isVKtnLmNPxzm_fVjzIfLJNOxwDyUAqxFGaJKdwoRxxtHQhevj6PQiEv4ulzMYT54eEArLIDK--Zss4T0az_m9GOj1hP8rozq-eH_amzWod43iFdGk1NTzF4N6oy9vhr2Po0uuqjez9cBRGGoZzFgXAOzUhJLHYMW5vk41CeZtvTFb68G9YMzWiZbPffbBpaqS2rOyZAM0CPb5lkqy7ofVksgi28R0wWUN5yPUYiMtF56-BaeacVAO1LmIHqrfuHvj6MNgo2XF-Y0lDP0ixusRV70b8EO-wpWidY40azCVxfWoErN-OGI8QHel96iXEIMe0QrDDUsLwYYzso49nWuccjmB5IIemEugVcl7DWhX_wKST1GabAh0iLwq6AR9VaGdWQDL1mHELAd6lmS0wRJXR-DUL5Wxv-9qxuh2bPmdDomehKfF1jj-ngpXNgAMrAiYqNXUS3ErFzMd5MVPrZj3u8SVnwZXwp6EMWGJ2vvRd5LpmuqJkKaIO-BZHqngxfNi081AkBT4knOBCEBtxs2O7wvq4O3MYxZzApg0yp_yvIMFPkMwEi35GkzCui9QmzepC-vP3TIqlnWWq4MuvpN20la4h89tJHrgQk3A7s5DYDMr5UtXXQxMDcDpwiCYLCRO86xFPKqLRZ72txLc87IBcCeZQq6YRaKX3dTA&cid=CAASJORoQ-itmZ4Xr_Q0xZmJnUPh5p7DqJ0elhZz-1FHxAkE3d46Hg&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:27:24 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 709D 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AV6GTTbSuZccbOhcbB-Rzd4gcX1ZLVIMbPZZc57mY6CQZNEWNdelHILNHsfSASUx0IEU3-l9Nv9OoJuENpnchfvNMYvLfLvewhdabXw6J8Sn3gZxzdnGvMNoUvW38hhsg03CzJTgSJHQ32UeslBh0aHaOi-w&dbm_d=AKAmf-BKvgyzEnNGUcGYyN4cbCL1HGEDdXw0ZhHZAFVGWnee-USbnrtYTW2gDxDZNIh_2TQRUZy22agegUIKViVbYXxYwpjKntrLB2uLyhSyLCkzK_x_ZSe77AWF6mBEjSRRTttuXOiEm03nG-MIUZvPkZ1qLkWqBMI55rkOAlZAjpRNihBb6dxCVJCWsaLnNjD1wleyovjzVmvzZQUC5qix1BiVRUQgezU7KoxGggXurU8Dcycf1Yc0MM1PLLu7gFChCjHcDncPF46OThTQ2nbLAW50ptiMCnhT-YA8BnoXJt7-yI18UfbOxpNpiwfF9H3DKhcUEKN1e63bQ67ZV6Gf0SKdm2TDW-vqYmhAPWqN8LDlUfZLs4U3T5e0YFhhvZH1EhJEYgbGCKDNEMWjw_TaedCJnequB_ITLnJDPHhvU1IQPDQKE9AWR3OS5RrB0gwuyhKj4iRJkaY3Db41HtnP5PVhOBo1h3rkiApDGPfHBdMFja9BMEuLRAqSiQa4Iah9wTuaLf3ttzWvePLQs5bWH6NgCuSzEZUBbanq37oFUr1Ht3VD3c0GiZOeDCpNPZrRbkG0s3Tf-gFBv9rQRAYLlxUAyWTqGNY7WdVltgBI6zwgMgFHPOp4SbN6tCGnzkVi8SF3NmyxJteDK6DXX4KIV7v--zaTCGmMbsfZFx0fDVjf4o7rMFjwx807vWaKN9nLC9Qo0_Is4x5hGA-z1CHU2_THxMqDQARdMwE7iQX9k8xV_Z-fNpPlFtYrUOn6VDSKDi7aJ4q6MTDNKC6qcNR99Wl6NVDKzGp1eAOJOjTDwN7Ocw65DXHDv807n9VXDVruwleaVqOvLooMWfnJ0oEXm9Jbo4z__HeJDPygkBDerxp9Pomor-lBJ6v7GtBhp2TBZ1b6cFHsJCO-RtfJSTPL4Sx5jx7cTLi2VowQwVUI2iebDhiGLlwqweOgiRVr24EhrPL4BonUM2CzrQZ7hOnvKEolJwkkZC0Iw7JQj8xbLIWC8ies_lSHtWTv_YGOlQL2zcQSuFBCcecyVkYVSza1PzhzZ6wOKvHh46VxxosEXHziPH8mQFg2E4LgIJnjqfnElOCOV0HdpmT4CUxNd-O89NxagBmkLqrpnz5ZyYhrZTuIuf5pt9M221MqorHg8BAaOWQ0ekJ-xSEpJ9v1kQSdYXX3oNFPQi15bWbHbocl1tofk78j2OCx0DhaYhrBoStoZGkA254k3RShjesjKLkdCGaEsbSJuPL5FHjviVaWx7wjXE3RTOMH0L9iZEYTL53bZ_9FACT77dtRFpbKqLFTo6gfPYlmx7C6GK3qyByY6Ydozu-l2m6YKuA3EkW8o-jPaVael7EYpa-09zHgR13CtY2tXyFfEy6Pi7Ve4CkQdHSc9cGXBKbHDsibIfpH24ZsEPWvWZwgAAYUiCgIDLCyAy_jPu8KgElcxktSAme6sqYPg4DHWE9zFeAnOU8b5iAOEdPFVNXftzQAs73QPITLNHO_uiwIPLAKIaKyNg2CMLZ03n1GyJJsOviNeVFs_popflcSvuxOlwzVIvbSKdlXM10LEdTk1Pk6mxf0nZz0_fQIC02rVuXyU8KZxCQ0a7V2H1tM77frQ2Am-OPQVlDqi0-4WBdcQ0qeUN2LUmExNGY1QPbwnwV1T_qvHiVxHvilIsYyXPpPpzXEjigi50CZ5Bdkbx9EVHPhJLzEanZHkuaAk7vLmqQfAovAawMJCum8N-TVg6KibAPUPpAVTmR5p2F1o_rmiMpRsjPrlF1KAdSzbh137CqH6MU2Fb3HfeKtUwCqRo7mRnsTawsOMdWmYRHQqO0ZKOzD2wAQDGIp4t0FvMKHM4lS4Sc5li-55Agge-sZpWbLQxiNd5x2F5HgIJB6_6xYlV5bCAtY2QbxnE9T-vhYUoESSo_i5Z25m7u9BwuSvDTAJK4eC3nISkuiZ5TkTV6PdG8qQ4rR_7Fwuu2jiVjKl_TY_GXM6GxyBE6fWiExzcKEDH5puJlaM9E1ujQoS_T7xffIRbSVMbfi6DxzasPJshFE1iFdNf5-8_1qxrgMiBRrHaYZoq6g6CqalyVs216-KhcP0kiUNieSrHbjG_E3vDzcPk99Y8Mx60kng6qiFui8ruIahDO2jO9vC7BRC4dqkpZmDvbtma_fiHAiRHoTtzrz4IeS4-Tv-s2z9O-KfXFnXCqehVaUwvblb7QB3E9t2x75kad3YxMX45ti4-0FiWmJcBdb_8QOtkbccLGX0RlubJGwhXqj7c4FUs7DDDnaOp8sUXzEaXRAm5LfnkVDXca6falwUb4e8mZ-5-JeLRIWctLP7MosJdJitE6plN0jZjgRjANG1rbmLmEITA6z_EeA_meoLJ18DKuJlzDuThrhcjR34FUE6xjWHyAtaMzqno02x2ZhIA-s8N1vidzSEmzYpF0SPAcToXl6FgUWRP3C4bAccRv_lwUH8qe7n61ZXw0CpgkJHC4I7dPIJg2j9l3bLrGAB7kNo153zogt9LxsjBdAyd51DeVOsunihxcQM0N2JSp5Zl0IkkeqdjbxLR_9WzadDKB5Rdtus4fWtZlb-cQSKWgS8RUvCrfte3NiE9_RKecJu5DHEeiVfCV676vH4QuLGwwLt_-GHy404B2xsuwYQA6PDr1RHlCRgC8KjuqZF_OTHdAysocC9kocQa9SxCJz0cNbCe3ot4-oqvvA0-3FT_2We-qMLRMHzVSx0u7aSi4Rk6kduC0Q__zNoUPRwT-RNTBRblp8TAxOiJI_baBt3YWO6mlsoyjIO37o2D869ysnddLLV2gXGvjiJ-rU4oyZHVAgoxNNBkIsdLf_NDcbAXWKE2knQf36H_z1Yj_tb1qKlmG4Qt8o1I-P4RmK3Ov_isVKtnLmNPxzm_fVjzIfLJNOxwDyUAqxFGaJKdwoRxxtHQhevj6PQiEv4ulzMYT54eEArLIDK--Zss4T0az_m9GOj1hP8rozq-eH_amzWod43iFdGk1NTzF4N6oy9vhr2Po0uuqjez9cBRGGoZzFgXAOzUhJLHYMW5vk41CeZtvTFb68G9YMzWiZbPffbBpaqS2rOyZAM0CPb5lkqy7ofVksgi28R0wWUN5yPUYiMtF56-BaeacVAO1LmIHqrfuHvj6MNgo2XF-Y0lDP0ixusRV70b8EO-wpWidY40azCVxfWoErN-OGI8QHel96iXEIMe0QrDDUsLwYYzso49nWuccjmB5IIemEugVcl7DWhX_wKST1GabAh0iLwq6AR9VaGdWQDL1mHELAd6lmS0wRJXR-DUL5Wxv-9qxuh2bPmdDomehKfF1jj-ngpXNgAMrAiYqNXUS3ErFzMd5MVPrZj3u8SVnwZXwp6EMWGJ2vvRd5LpmuqJkKaIO-BZHqngxfNi081AkBT4knOBCEBtxs2O7wvq4O3MYxZzApg0yp_yvIMFPkMwEi35GkzCui9QmzepC-vP3TIqlnWWq4MuvpN20la4h89tJHrgQk3A7s5DYDMr5UtXXQxMDcDpwiCYLCRO86xFPKqLRZ72txLc87IBcCeZQq6YRaKX3dTA&cid=CAASJORoQ-itmZ4Xr_Q0xZmJnUPh5p7DqJ0elhZz-1FHxAkE3d46Hg&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:07:42 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/ Frame 6BD7 		183 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/index.html
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac613d339405626620e432b934caad1aa7eef3d78884f2d1e45d5fc5d371c992
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
214427
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
27359
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 15:08:15 GMT
expires
Wed, 20 Sep 2023 15:08:15 GMT
last-modified
Mon, 04 Jul 2022 20:50:11 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame F151 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:11:29 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 96A7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:18:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 96A7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 01:44:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 96A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5X3y-RwtY5GhJJnB7gOejYqwBsmt7IpskenR47AQxYvqn6UyEAEgqoDDImC7hoCA0AqgAd6Hx8gDyAEJqQKHP6NmLOOoPuACAKgDAcgDAqoE6gFP0DVghQwwZJkDgmJ030Z-5fONhWQ0FymrLtquLSdDdMGTl6cGvcWffYheCSwS42JZg1QwhdZkIcDFFno9vndGbCwP3cRhI2S3Aq8eo2poSoSSOkrnrIOZM8kIMydE71IVAyod_mL-pF3sotI28QMDUiFYBmbDPWJNlCNj1hJU2iCs2BdsuEAiowANWvEpspjuhiOlyyFDVtWdnvNtbsDcQSgiGIGfPbS58QrnXEQ5MKGR_6VMt9m12VuqtY9xA4hDrV0M-aYLSczfwDNip9_M4DVdzzS7dWyZjPFlLZtfb7dV3DhXKDZDLKTABIyqzJ-JBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZdgAeK-Lg3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQn8AM0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgPICwHYEwrQFQGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=6MZLhDFE8zY&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 709D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 08:54:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6F22 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
62317
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 709D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
525cab072c5864661f73a1a18afdc3f43b6f566e1e8a134a02102d099bfc21aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f82e361d5c2f3b8fed3e54d1aebd1669c6d311356164679e3d6966dc552e6e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 23 Sep 2022 02:42:02 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=timing&_s=3&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.player.js&utl=subject&utt=578&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=1839116340
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25416
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=timing&_s=4&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_rtb_v6.24.1.js&utl=subject&utt=596&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=2124239067
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25416
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1648810245326246d905ebe51.png
h5.vdo.ai/media_file/subject/source/uploads/thumbnails/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/thumbnails/1648810245326246d905ebe51.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash
2b14b918bb31b4672d92b0287ed00c91c74e5d315759da2deb6028b0b4e9f909

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:42:02 GMT
Last-Modified
Fri, 01 Apr 2022 10:50:46 GMT
Server
nginx/1.20.1
ETag
"6246d906-e1af"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57775
Expires
Sat, 23 Sep 2023 02:42:02 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame F894 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 23:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 23:30:01 GMT
css
fonts.googleapis.com/ Frame 6BD7 		3 KB
543 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Mulish:regular,800
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bdda94663e22f91ccc82dc5d2a832499c5ef38cade6858209f16d78062be9c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 02:42:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 23 Sep 2022 02:42:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Sep 2022 02:42:02 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6BD7 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 23 Sep 2022 04:14:04 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6BD7 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86453ecc16f6b785226ee9203819ea6bc46dc79171c51ed9605e3e2662281704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 09:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13228
x-xss-protection
0
server
cafe
etag
10485928763175976200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 23 Sep 2022 09:36:20 GMT
container.html
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0307 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:00 GMT
expires
Sat, 23 Sep 2023 02:42:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1648810245326246d905ebe51.m3u8
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.m3u8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Fri, 23 Sep 2022 02:42:02 GMT
Expires
Sat, 23 Sep 2023 02:42:02 GMT
Server
nginx/1.20.1
1648810245326246d905ebe51.m3u8
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		48 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.m3u8
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash
46b759ba547d4f5f9b135f5f1e004b31472f962d3cc3293641e00a7e06c61dcc

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:42:02 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.20.1
ETag
W/"62e47d37-bf80"
Transfer-Encoding
chunked
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Sat, 23 Sep 2023 02:42:02 GMT
l
www.google.com/ads/measurement/ Frame 96A7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnfqA-VV_sfcZnDTfFw1hlPl1K3oEMG_iTdZqHIZ9fcvAFRpFWx-budDddo1nRpLOhi55aGv66gpdq4n0Y9ap1ShKGaA
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 96A7 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 02:42:02 GMT
truncated
/ Frame 96A7 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7873cc09e42108ba1e5e6e939078f0c8bb15ce7e1f544558ab2b626d555c7d84

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4ac33299-47c1-4267-ad7c-a459ce072ab8
https://subject.com.ua/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://subject.com.ua/4ac33299-47c1-4267-ad7c-a459ce072ab8
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
5417
Content-Type
application/javascript
dec35b62-dc99-4a39-affb-659b2190ce22
https://subject.com.ua/ 		75 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://subject.com.ua/dec35b62-dc99-4a39-affb-659b2190ce22
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
77017
Content-Type
application/javascript
050b30ca-3bd6-4279-b6de-c01b46930efe
https://subject.com.ua/ 		75 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://subject.com.ua/050b30ca-3bd6-4279-b6de-c01b46930efe
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
77017
Content-Type
application/javascript
bridge3.532.0_en.html
imasdk.googleapis.com/js/core/ Frame 87E8 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
231870
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211807
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 10:17:32 GMT
expires
Wed, 20 Sep 2023 10:17:32 GMT
last-modified
Tue, 20 Sep 2022 10:12:09 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 02:42:02 GMT
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:02 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
logo.svg
a.vdo.ai/core/assets/img/ 		1 KB
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vdo.ai/core/assets/img/logo.svg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.104.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5
cf-ray
74efecbe7b46776e-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 02 Mar 2020 08:12:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUuk1IY8CSzxzW1MSZCrjetwzzCQdSdukZkqtsg%2BpcoFhe0o3KyJXRCDp9hx5XuGJ7JzHwm8XNKj6pdUF2BCJUEMZmlKwSa4y%2BxmXzk5JqOvxyZ1vkMFVyQv6g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
13107603 8156626
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
image/svg+xml
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
main.19.8.352.js
static.adsafeprotected.com/ Frame 709D 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1153048/65870243/skeleton.js?ias_dspID=3&ias_campId=1009216945&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=18381994235&bidurl=https://subject.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hE2Ya_qve9peOXC3rY2QFN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
553825
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P1
content-type
application/javascript
x-amz-cf-id
A5RSkZF14VMssthToPsRZhe9oWH28wBMUCDqtEdOSIAbwW0Fgwfsiw==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CC9B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
64034
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 08:54:48 GMT
expires
Fri, 22 Sep 2023 08:54:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/16765942516236316711/ Frame B4C8 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00579b7f18e309bc45e20e12c262dbf58f2225ce82aabe6ff1d3df23a09644fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
549554
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2115
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 18:02:48 GMT
expires
Sat, 16 Sep 2023 18:02:48 GMT
last-modified
Wed, 31 Aug 2022 15:09:30 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 709D 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3uE1M95ZekMCi2DxvUFQVPVshPhR-qPHuKnseFaEEAV2jz3fdDMohZ4JrmHzUzvi_d4YlelNPcctitnYpDFUJpF5LnrJPKzsuNWBB9MKpTxW5pPTFStaXgNCZxGdPOVOdOCAU9i6I0EH-bZwzueM6gxzmjFOqrPsKFZjL-8CUFZhKTcvEbGG8gMwRSyYw9D-G03edYlog8ktvihBnD6KLonmGLjEjPruRn-3Q33Y-fo2r_mFKR1V-vSKA2hwoYkiVo6DKeYCita2YV8TQyV6e6-Sp82cCjjOtJl0yrHwC3y6I_u4SFg7cAPILlt5MlFUhanAqDKJKe-M2Bj0W6gQ8FACyStsJ5MauhXESqSsVJhTIlWgN9FytYHd3fCPTE7wW08lrdrPQ4sn_IHojtY0mopTJ_-AhRQWpWz8xfgslFRX9jdul71HfEYrocCu14LSRkDPp9m8MhTBn04fSoTLTbH-bLXeaa1tCHd4yez7ZuPPdrnazCFl3KQ4jEyvfOW9Rz5Sd1Yd_JcaIa7XLcGTEwYaAEoD0h0vdtWZIVp4fv-OOQ-sX6l6O5VZp9YIPkq44WaHB_5VclZQFUsSzvIo__PxN0oMYVeRkpeGci2-UHmmW7X0j6RPdzy407OPX8tUNWbJSEzgXqAOX8uU8BIDtOvldsfTWU8upLgpK_70JEUcs1qLwYga2S6RQ9hPT1x8a5W0b4-08F9_PbIiMdedORPRy6qNV7vAOqqClbZWu0QcpKwMuG6eIcSOgBw1HOJWzjrHqrcX3IPMWVoW5IXjJZO58a9aDinmaza7-MkoF_I96Bm58HKAi5RXdX4MMZj3gOlSNA0aXAirwfrj8e_fhB-pt5t3jN-rgj4Xh81ZliSKIpxd7jPWGF5hnZ7FSbmAgQfL7sGdFBcKVUK_u2RCHiDn4bBrjdKoPjAybvyTHAYhihDS-1UWJBymra2a7opzqhEqxKIOn2jRD4cif6PGdOghwWLo4ksZkRcvbepBK2OZzVPAnmInCM81Zqya-LJsqavW6whOkvPGT3K4QZWCiw_wxI6LQtftV5jt7RAl0c2ggT4afDpRF9H2pXWt16Gyk_R7Np95KtP9P0dr1w30CkT315bGR6NtY0z1pwiunp8yDTvuNXShNab1xUPSabuHAqPtWo1k1eNmExCXzxCPcIIiE151HfzmbrTJV_X_xj5mznYIQFEZrlJC_QcR2qjLbpAyScA6DlF9bO9I0dWWCRkztPx__58hKSUOK591W_WkX4-ykACix5T8&sai=AMfl-YTXqy7AvyjpCeudLFkF66m3NpsCVeLT2KFAwKbiK9wshisMVTOaGN3NpCtms6nX1fDQuT39EM1IEsqn4HjFLQfO6ZQdQi8a2r9iVAwwPCJ-ltTUIOkbjv1I6hGbCDIq43fBrV4fyEjwoqEfU8Y9oslra8iFlvrDpspTf1rh3J_kiLZMc63sWQJweKO66e2fOVyEu95AB_66lZCUxjO-_g&sig=Cg0ArKJSzNvz0d59lpciEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=358&cbvp=1&cstd=355&cisv=r20220921.65065&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 23 Sep 2022 02:42:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
si
googleads.g.doubleclick.net/pagead/drt/ Frame F151
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:02 GMT
expires
Fri, 23 Sep 2022 02:42:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 6F22
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOcrxqVR_NXp1xbATUyu-a0&google_cver=1&google_push=AZmPxg8fHbaNc7BfxpliaOlfphwL62z_fDZGajltl0TIZwaZQ0h6oVaHyqZsU4R4WOGodLISyfB57...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg8fHbaNc7BfxpliaOlfphwL62z_fDZGajltl0TIZwaZQ0h6oVaHyqZsU4R4WOGodLISyfB57Pzc-kXtV-wnqMVXLkuJ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg8fHbaNc7BfxpliaOlfphwL62z_fDZGajltl0TIZwaZQ0h6oVaHyqZsU4R4WOGodLISyfB57Pzc-kXtV-wnqMVXLkuJ
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 23 Sep 2022 02:42:02 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 77B8D74C153F4535A01217648028BB31 Ref B: LTSEDGE1115 Ref C: 2022-09-23T02:42:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg8fHbaNc7BfxpliaOlfphwL62z_fDZGajltl0TIZwaZQ0h6oVaHyqZsU4R4WOGodLISyfB57Pzc-kXtV-wnqMVXLkuJ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpTx9ttd6ygvITo8I6iQ==
pixel
cm.g.doubleclick.net/ Frame 6F22
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDmJTsKh5D47WZ1UcnTb1Z8&google_cver=1&google_push=AZmPxg-i6MBarKkgVuUJXQrtPRyXEsWBcPNLM6h873bk7yh2LY-nxjrN8yHpaEd6VlRG5XTK8YNqJl9d8rMDrUBCnZfO...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDmJTsKh5D47WZ1UcnTb1Z8&google_cver=1&google_push=AZmPxg-i6MBarKkgVuUJXQrtPRyXEsWBcPNLM6h873bk7yh2LY-nxjrN8yHpaEd6VlRG5XTK8YNqJl9d8rMDrU...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-i6MBarKkgVuUJXQrtPRyXEsWBcPNLM6h873bk7yh2LY-nxjrN8yHpaEd6VlRG5XTK8YNqJl9d8rMDrUBCnZfOEr2W7w&google_hm=s1URjM4lRSSGoTd1zz7Q5A==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-i6MBarKkgVuUJXQrtPRyXEsWBcPNLM6h873bk7yh2LY-nxjrN8yHpaEd6VlRG5XTK8YNqJl9d8rMDrUBCnZfOEr2W7w&google_hm=s1URjM4lRSSGoTd1zz7Q5A==
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-i6MBarKkgVuUJXQrtPRyXEsWBcPNLM6h873bk7yh2LY-nxjrN8yHpaEd6VlRG5XTK8YNqJl9d8rMDrUBCnZfOEr2W7w&google_hm=s1URjM4lRSSGoTd1zz7Q5A==
Date
Fri, 23 Sep 2022 02:42:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6F22
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_hm=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&google_nid=index&google_push=AZmPxg9jkHts2zSSnosxj3qu5RaYSh0YjzKMw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_hm=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&google_nid=index&google_push=AZmPxg9jkHts2zSSnosxj3qu5RaYSh0YjzKMwPPwXyJqvscjtOrgArQFgXm0FZD7YgZPcLg1goW4-gR2mW96S9jUfASs2crN
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n26p5Nejjd23ShbCPHFUILPR7Fhxhi7A0OYiIFpxAeVnkXQbZGaLspFRWcQfJPln7Ihs4fjy8JRArEtGEerHXNFV5MDNTkKOJhaV8fMVL4A4R1wbMnyLKBJrnUvzymqdkoP3dq2Ad9UJQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_hm=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&google_nid=index&google_push=AZmPxg9jkHts2zSSnosxj3qu5RaYSh0YjzKMwPPwXyJqvscjtOrgArQFgXm0FZD7YgZPcLg1goW4-gR2mW96S9jUfASs2crN
cache-control
no-cache
cf-ray
74efecbd7a82dd7d-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 6F22
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG51gS0Xs7sEn6_h-eUBvEE&google_cver=1&google_push=AZmPxg-X7jmyFTL8psqL2pe1tX2K7TV1HpqR9E6H4qTmcEChAdG1r2TxRASxjiqwLjTJzw2zQyI_ovVK6ZVBcTflt_7_LQuBYA
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExNjM3NDAyNzg4MTcwNjE0NDY2Mg%3D%3D&google_push=AZmPxg-X7jmyFTL8psqL2pe1tX2K7TV1HpqR9E6H4qTmcEChAdG1r2Tx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExNjM3NDAyNzg4MTcwNjE0NDY2Mg%3D%3D&google_push=AZmPxg-X7jmyFTL8psqL2pe1tX2K7TV1HpqR9E6H4qTmcEChAdG1r2TxRASxjiqwLjTJzw2zQyI_ovVK6ZVBcTflt_7_LQuBYA
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExNjM3NDAyNzg4MTcwNjE0NDY2Mg%3D%3D&google_push=AZmPxg-X7jmyFTL8psqL2pe1tX2K7TV1HpqR9E6H4qTmcEChAdG1r2TxRASxjiqwLjTJzw2zQyI_ovVK6ZVBcTflt_7_LQuBYA
date
Fri, 23 Sep 2022 02:42:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pub
cs.chocolateplatform.com/ Frame 6F22 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEMLYz1szn6cAov1Oyx9--xU&google_cver=1&google_push=AZmPxg9tgRht3PgkOzBqZQropZ3OMvQSSpuVlEeyS-LYfHLuxWYcnafB9wIQdAv44XJ2_JGYFTUCs0yA0pfW3CjAc9aLDJQ12Q
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 02:42:01 GMT
server
CookieSync Server
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 6F22 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPFKeEEDuIyKXSJcY49p7qg&google_cver=1&google_push=AZmPxg-6QCnSyHYwu-M4YRZnt_wj7y6WPSY-f9B6i-ZR9lUsw2Rv9LVfPUHvVOtckoD-TqnGdycW4L6dzacz4CK2sYxP8Ny6hg
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6F22
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPU8jT-ahmppyOMjVwtNVQA&google_cver=1&google_push=AZmPxg-kDAJcHe7wR...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQxNzY3OTI0OTU3Mzg3NjU2Ng%3D%3D&google_gid=CAESEPU8jT-ahmppyOMjVwtNVQA&google_cver=1&google_push=AZmPxg-kDAJcHe7wR__XDFK6Vexu40z21z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQxNzY3OTI0OTU3Mzg3NjU2Ng%3D%3D&google_gid=CAESEPU8jT-ahmppyOMjVwtNVQA&google_cver=1&google_push=AZmPxg-kDAJcHe7wR__XDFK6Vexu40z21zzptjXIqznccQbZNJY0mRL2YqY7cVw8ajDVpZtEocepH-qfb3edtzPhSv56SZ26nRU
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:02 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
78b7205a-935a-49bd-8cd1-71c536a54236
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQxNzY3OTI0OTU3Mzg3NjU2Ng%3D%3D&google_gid=CAESEPU8jT-ahmppyOMjVwtNVQA&google_cver=1&google_push=AZmPxg-kDAJcHe7wR__XDFK6Vexu40z21zzptjXIqznccQbZNJY0mRL2YqY7cVw8ajDVpZtEocepH-qfb3edtzPhSv56SZ26nRU
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6F22 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IpeJB5sDVou36mjjr81r0xi6z8PgL9_S5odLAIOKNHhdIr0KmmymJLqeP-RUyR3YogLh7zxw
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
googleads.g.doubleclick.net/xbbe/ Frame EACD 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjt0sfBATAB&v=APEucNVJcjAPhpOydYfMAWbyKktuUpEkTBQ9fBr3yuL1YxN6nm7O1L8Xp4d1hgFwmBZOpFSfkH08V6CID4rKV6zvztwQG7Ft2PuTgKkaH19YchwQhmqTN09Jqmf7IqF6btnPpyfNs5Cl4DHq1R93pLhaMHkCtubOVIU86yb9uSFYM0p_gFLo1tr7iMpegfxjhZROSHxSqMHRgNn0UmbW722LsyFI1qSl-Q
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 0307 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpgGCOk1jJNMYhAZxkJtZAi9TI0xyJFrTlJaldUpkuqooEVWVe80_NNjXEO8sQdaUUQ49jkBlo1WlN2EALyYHqlXfT3g&cry=1&dbm_d=AKAmf-BqJR2l7cTIGeXWoOnkbW0TqGkC7ttrt3QCcTZuECy6g4mAk957zq16yVm2wo8BIpH2aCXiXtWXLiWRMc8NC807c43zgcZ3CZN1yjFsBJjODOZi2nJFq6HIC0oVUZuuSBKucXEdP1fpoRKxHwjxELUYu3bQ56sHkwXQ1NGhrBpalfXuiVuf7JOXWtVsSkGfWMSj2M5E3yTRGJn6Hbgf9wFmWMpuLxZcyBaHJI_j0ixd3xlULTgBUl5IWO-3wXaQ7gQT8R5L3401BaPQ1hqajTEflI77kUKukYg9JR0lK6JE8tgoMh2rWJ1H6dzTnc3ieFsVr1kbVGRpPXfQ9C2TbmuY6yx3SkJf7UrjcVir2HZ2GfI6rhf6YqtjGAW6yDKoU4Jebvtr2eEJWPzwcpQl1_SsPa1xUusUNu3QBVO0UMT5ICmj5EW4gXBr0GswVM3lI9yeGCQ8I3BZKu-YX61NCTjRSX9A8RyD6L5X9BRhK9LhOO0soy4lzWpi6kUe8Ul0NxVcmXO4msrJ9-nNk9PddCW6LwN9AoexA1iGs_xSytsfD6Y843QLHj1_vCyLBR8PUYnDzJBpwvyOdYbeZCZOcxU8CieGEjeMI9vjqnx40zk4ZoThLKg4d9Ieqs8GGB8-EP2AoBgshr-uR9RV4lpcSOlwDUmZOBEQbMjlO2fGt9r9L2H4r72rSYCuN-FknzAMJgRdF4JYEfKf7NGrSvWKsKn2WOBG1MMSeb4k8qrzIxtPqsis0KT7X3zaDFBL7Ve9Wo7gf9GobD5AGjsZ2oQzThQITJwdiTKKa5izTTgPEbphfTre8-mAXDIq2XnWQ6TaTNoQZSbJWhsWb5r_-av73G8rZOK4dGw1K4aQosKM0mTsfx0h6UfSzC6_aAndF2BARuWnes6ON5YQzoYJmFfrAeujVq1apwMoA8yDkX2Ov17h591wZEY-526vZ11B8z_CtjG08EoKQi9sMFwu2NVL8ofvFxFnScL-TTfaGguD8vbijoFe7Tc_R-UUbWxEwJ9MWMQlLODtP6vAxDOEceb0r4gnPdQwpM-h8zoM05hGDNmog-ft1z0QYln1_EqxyuELoHY0NN2O8GN8JIPufcUoSCrWJ3XZAD6QE4g94FsJyyBzNAIme3ivYMGPh79Cg81hVpakPl2cc3sgD4F1xmWQ0I4jN1yc95uvgGztu2R0Y2H4KeqEzcFcJAzEwEyQt4R9DACS2zPd-WpchKjQYMgel1DCEYRqgNpfLbCiJBXXvwpcWhvebV9069bqfHe_aVKzkxs48Z6o45PR0GNBYnU6fK9o8yFUxX50aZ10ZrtuHoKUdBUKbDLI7kEYxQsB99Bf9Kwbm7Fgwkii-4_JNkHOp5WRmy09YQnAh2DJNjCrgfac2sAcNaZPTdK46HVMhW3JSUHLG7fmAgTIms3b6XROh-zYCzwLdBFlximDh-HlISx9WOTAsKbmOR0sPE4--AKBpgGl_qd6psnmCbkkaf2yajEQ-pZDUGIxZHC0LWIJ7aBOsbiKKEh0sRR1qeMygnEkBcGVtq4H3_HYrChKbEKzqFhbPjNA1s7XHT2ORUGN6KmOfTzvNmTlVra1g-HCj8a0FXU8Uid74U04iGaLUn9xGXxmRnWHKL4eg63ScNnILdG9vExEdZRtrFkwIGJXgfwEq5lObDD9cs4gxRBdx50rtVeIOivty3PIjSUAjvYZpLeD_ORu_ZMdHAh_miItpYlN5povTUaM8P8_ZMAeykFmZkpdxICMxbyr9Qp7CSYnu5y91xLfTYwpd2zrKlmdnOSnzDZ9naGouawYry07X8cZRY_hAHu5iygMecrBM6owqE5IX_uo6fE7NLCPRnPscWX7foYRjTpycDnzyg5Ta7WFALL7FdyV_ABkHwN8HMFBIP74corDj8rzM_4E_C5lWiNsSV9bLiTd6VIkYMQBFkZh-liBiwaIuLQWlHvIfWsh_pr74QyYEd9usGBVNwNMec84O75OtbJxNyAQ1dQuxktBWcEubX_gT0wPPKG6r5111lUTB_GNp0qD1w_HiO2jMy5X_CgE6TlFvgQqQ_t-FVTLoCTwkcf5yq9BbL3KOIowtrwkah_K6IWksJ-Jzi4LEzb31o2vmt2-ZBcp10Ktja-Km8ns926A43AnteP6dbcTpnNTtV6_-I5Vl7-ibEXTdfbv4Mr7Jnedv5qEkeXoEvv5haQI6Wldlir7Fi7oLYqLpOjsWr2pq-fJXPqfLQhbg6JzMnrdN-18AxStdYivVdANaWrsurHn2uKkxeozApPczeauTCiEcGKXAkowMj5YblUtJlWgIcW4bLJVLtLgckS9P4DCEB7YVpnZCj8BMrEEkazZ8-prUvAkYQ3tK9WS4U74myD5MZvW-H51avC63elfbBmP3CjAGtbFkmidM2W-24UAt__cgUGlgwgq9mmL-KpAOtbaYpQ0MupsCNz3det40W_r5Shrlx7CqWjutYIyRKjzE1AwmbKK8O9uHGG3CITZ4hgq5zcHDDpxo-h3mEnnSEcPFzJ5i-uS6-oIbHQIVRze4UWAY7aOBoql6dK9KtMUdrXUSlcjebFwfNPS3Zu5LalMNAKTfbikQr0eel-Q8BhnD7CZqjL218hP73Insbk_ECNAJ-ccRyQrs5tUJQGVDxlXl5Jh7W_EoXOTyCBizPELfdQHrAMPbgoqZmNHDBhym3XJSQBF3ExFDPLhPppYtaNF5ki9mgnJZbjnoBF4c-PtlvLs5_FFnt0_p17m10WKfey7fYxANnGczMnTWx7QYLNdt43vR0FX9Fjo6m17ePKUYp-nIAhMiOlXJ5VO_R0ccouJajD_EsidSIoxfrzktnCnJOoEJXOZ-xH9N0i53zfIMRn-x2V_mV44znNCmCUfv6mNDH_s1D_zRUDV5ru2TuSF5FLe7X-RGWmAFjid1nHcLE10Rpvih3FpFnBJ4399E0Cb33fr6meAUm-KdWO5cfcFYO6THB1Khh94n2U5XsRmbZVokgiObLbEyG7nVUeNP5oi0GzWjWNhn4a0kvIB4-pLRTbzUxSHcu9mQlEcmW2_ypcfYwxj3gYtxdctJU91yRNRMDfjGRzkQqFKy7Jvpx9ZzNFI5Vz5H6oFpydVM_sF69hPC8bq6JWyBAAvUK5CS5PyNrPpQKvBQUJpvt4SfL_URbC3BoeLLLDT08u1RY4IDU_l2VUuZ867QEYPDB6TMcfJzB8Q-kx4AzxrpC31PYMzWPuequqFlrVpouZjL9PhqoUiX42BFKYNfvOOjQXqX4tnuaymymkBHrE45qbikiPC5QpllOxGEb8cnhcL865EkUsg0r2h9pXu-Dlht2kqNFUiJ1XTE3R3zD77ewyWvLCdgHnyO8FZZ8gepm2K5YvRv4WgjKU-dq-OIpJWhBLltoC4x1bqOHgiYbSneY0k_v5RUqM2heCwUlKnA3fYgcvu4IhdXzh5obu_Ltd33zrD0QviUNwiQUt4deKzWMlpC7TmgTvCVOaaLOo52aX1fdRRYd0Pxo-kOIyXwroFMe1GaMjhf44wL3UcZvcOjV6dou2agtmiFo12aH5tkZPvsfUh8BAZSuiQWVGfYEBM_iM6Ee98J3EN2q74-_J7vcmTXO3Hg1WNNLAUnrbBAnLuAnbSk9-D7-hg1h0P4lTYFugJQQa6HvwTiZAZvwhsSzHVdXk80XP4Q_Ll2aE82MrMWqhbYtratEZhQQzpFX2ETDuynkjITTf4pR61rElQ7RsV9eLiufBV-jpHT-iMR6lwwFRF3MXZet2cFRZyFgSM25HfvR1JRfcEhkIv1jNL-hrtRCE3VBtZ63CtC3mxI3L8YfjNXfSirj1zvNIAfJjd86puJwXzep90OJPYdihJyILwT8aU8wmjsTjY5N7udmSgPG6yY3qOjk78ROmLDN7GtjwVwNuhjLTtzIILveSDAleyNV4V55h18CGFRwf7KTPyy817n7XvFcI5_0DYMi83An-wf6dwb-Hy0D6nTmWIT3yDPWLrgIzLIXjd71TTu03dXALG_cwvrDwMFSUmoNE1PTzkHWJch4NsDKGynZqpzGnnDDh2JxQAejxak8z5pEP0HS1nHWB1yi4&cid=CAASJORoHE-JH765QQ1P5veKlUNarj_wM3D0PHYzMPYInmIFRVxV0Q&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0ab3a61ad718519ffa83539aa6bcd00dee7c2503cb5b8de30e54a17e578dc17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20174
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0307 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9emPkqyoY7ADeynYj-lwtNYX7CjWpwe0HEhQFrLEIwUAnCiBKwdF8P1oiWySCvKeJzR7v3Z3i6r03o_X7H7PW6jHDWsCdwqJQEED-uIzq565iMGg
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 0307 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:18:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 0307 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 01:44:55 GMT
l
www.google.com/ads/measurement/ Frame 0307 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSopazawpUm-uyO_l2XG68RGWsHr55bAMbTjyl2msfWklqGQhHumpf-wgPyWffsKJ5ZutfZWjzWa-KzpWCyrqlpHCPKLw
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0307 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 02:42:02 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209072154000/ Frame 0F90 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
293586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61518
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b9e6b1d3ca7cc68d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 0F90 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
293586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dcaf3864e0ab6b08"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 0F90 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
293586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"95b4b320f7966d1a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 0F90 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
293586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1908
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5561dff7c028bd87"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 0F90 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
293586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12958
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00747b471d2f1a24"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
truncated
/ Frame 0F90 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0268922ce606e1bec6035cdf831c5ce3a46275f0dec9c47b8187c94f749c568b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4350962069372867474
tpc.googlesyndication.com/simgad/ Frame 0F90 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4350962069372867474?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkdIAkpqzruSkpuipFW3dK7JjvFhQ
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d96cfc1e3ca03100bbbc0750dbe15b85ecc539a088736db69cd78c8b7dead0a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 20:51:54 GMT
x-content-type-options
nosniff
age
366608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85717
x-xss-protection
0
last-modified
Tue, 17 May 2022 19:19:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 18 Sep 2023 20:51:54 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0F90 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 09:36:15 GMT
x-content-type-options
nosniff
server
cafe
age
61547
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14587847488922671356
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Fri, 23 Sep 2022 09:36:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0F90 		344 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 09:36:15 GMT
x-content-type-options
nosniff
server
cafe
age
61547
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 23 Sep 2022 09:36:15 GMT
l
www.google.com/ads/measurement/ Frame 0F90 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSY1JpP2433bmnE0owt3Q1bVNYPHnMyHbiqlJ9QF_x_asRSG2-1NuyWp1zGqfZ4O1AknWPYdnfeaHCdyIeQ-OMscaQsSw
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 0F90 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJZhA-hwtY734B9ugx_APuMGH2AvJoPmGbLuYvbKEEOjn9_LGAhABIKqAwyJgu4aAgNAKoAHUoojRA8gBAuACAKgDAcgDCKoE5gFP0NzoV-laP84T6t7PVKDi_c5ku6CvdMfF2ep5sN5kTiqJYn2XF9bbXR9AuvPZB1bK7i_SVR9NY9PR8XlyVJiGABw-It6RE5xOy3K-5JXa_Rnxm8aRmyNNka47pSywMhdbEJdjhvP_qpbiKzhY57rSdvbr6SWh0U7GpGebczZ6H_uL7bZCI3pDYEew-Fe7F-58cAD49-yOBSzXAHINMQlRQS1XwAf5CMt51ACIe3RscQAmtcUIYfhVirKMOud_FdNYqqXO1kcA3QvxoXqxQacbjD6nQB7pBxUTproMs6P8L_VDWv8fNMAE6N73locE4AQBkgUECAQYAZIFBAgFGASgBgKAB5Td9y6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDSsw_SCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTE5MjIyMTc3NjA5NTIyM4AKA8gLAdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=0H8QmPKAafI&uach_m=[UACH]
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 6BD7 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:regular,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:32:13 GMT
x-content-type-options
nosniff
age
112189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 19:32:13 GMT
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:02 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:02 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:02 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin
https://subject.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:02 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=event&_s=5&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=1698874388
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25416
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=event&_s=6&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=1837529043
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25416
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=event&_s=7&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=248044810
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25416
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/abfb84fe/www-widgetapi.vflset/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/abfb84fe/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be0d1a719a7aa3b6b2c30488567862bda53b0732ceefcbb4aa5dd7c724f3005f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:43:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
3540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53539
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:22:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 23 Sep 2023 01:43:02 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B4C8 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 02:42:02 GMT
index.js
s0.2mdn.net/sadbundle/16765942516236316711/ Frame B4C8 		168 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16765942516236316711/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1846e03b8024d05ea53f8822fcb40469f3664059caab6efa8d3c485db4e422a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 18:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549554
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28128
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:09:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 18:02:48 GMT
sd
us-u.openx.net/w/1.0/ Frame EACD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBxj-8AcajHJj7JkZeqErlE&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBxj-8AcajHJj7JkZeqErlE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjt0sfBATAB&v=APEucNVJcjAPhpOydYfMAWbyKktuUpEkTBQ9fBr3yuL1YxN6nm7O1L8Xp4d1hgFwmBZOpFSfkH08V6CID4rKV6zvztwQG7Ft2PuTgKkaH19YchwQhmqTN09Jqmf7IqF6btnPpyfNs5Cl4DHq1R93pLhaMHkCtubOVIU86yb9uSFYM0p_gFLo1tr7iMpegfxjhZROSHxSqMHRgNn0UmbW722LsyFI1qSl-Q
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBxj-8AcajHJj7JkZeqErlE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame EACD 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjt0sfBATAB&v=APEucNVJcjAPhpOydYfMAWbyKktuUpEkTBQ9fBr3yuL1YxN6nm7O1L8Xp4d1hgFwmBZOpFSfkH08V6CID4rKV6zvztwQG7Ft2PuTgKkaH19YchwQhmqTN09Jqmf7IqF6btnPpyfNs5Cl4DHq1R93pLhaMHkCtubOVIU86yb9uSFYM0p_gFLo1tr7iMpegfxjhZROSHxSqMHRgNn0UmbW722LsyFI1qSl-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame EACD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESELYPrRSq3RFQTR0KLHQ5FMc&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESELYPrRSq3RFQTR0KLHQ5FMc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjt0sfBATAB&v=APEucNVJcjAPhpOydYfMAWbyKktuUpEkTBQ9fBr3yuL1YxN6nm7O1L8Xp4d1hgFwmBZOpFSfkH08V6CID4rKV6zvztwQG7Ft2PuTgKkaH19YchwQhmqTN09Jqmf7IqF6btnPpyfNs5Cl4DHq1R93pLhaMHkCtubOVIU86yb9uSFYM0p_gFLo1tr7iMpegfxjhZROSHxSqMHRgNn0UmbW722LsyFI1qSl-Q
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 23 Sep 2022 02:42:02 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESELYPrRSq3RFQTR0KLHQ5FMc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame EACD 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjt0sfBATAB&v=APEucNVJcjAPhpOydYfMAWbyKktuUpEkTBQ9fBr3yuL1YxN6nm7O1L8Xp4d1hgFwmBZOpFSfkH08V6CID4rKV6zvztwQG7Ft2PuTgKkaH19YchwQhmqTN09Jqmf7IqF6btnPpyfNs5Cl4DHq1R93pLhaMHkCtubOVIU86yb9uSFYM0p_gFLo1tr7iMpegfxjhZROSHxSqMHRgNn0UmbW722LsyFI1qSl-Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 23 Sep 2022 02:42:02 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif
writead.html
googleads.g.doubleclick.net/pagead/s/xfa/ Frame CBB5 		75 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpgGCOk1jJNMYhAZxkJtZAi9TI0xyJFrTlJaldUpkuqooEVWVe80_NNjXEO8sQdaUUQ49jkBlo1WlN2EALyYHqlXfT3g&cry=1&dbm_d=AKAmf-BqJR2l7cTIGeXWoOnkbW0TqGkC7ttrt3QCcTZuECy6g4mAk957zq16yVm2wo8BIpH2aCXiXtWXLiWRMc8NC807c43zgcZ3CZN1yjFsBJjODOZi2nJFq6HIC0oVUZuuSBKucXEdP1fpoRKxHwjxELUYu3bQ56sHkwXQ1NGhrBpalfXuiVuf7JOXWtVsSkGfWMSj2M5E3yTRGJn6Hbgf9wFmWMpuLxZcyBaHJI_j0ixd3xlULTgBUl5IWO-3wXaQ7gQT8R5L3401BaPQ1hqajTEflI77kUKukYg9JR0lK6JE8tgoMh2rWJ1H6dzTnc3ieFsVr1kbVGRpPXfQ9C2TbmuY6yx3SkJf7UrjcVir2HZ2GfI6rhf6YqtjGAW6yDKoU4Jebvtr2eEJWPzwcpQl1_SsPa1xUusUNu3QBVO0UMT5ICmj5EW4gXBr0GswVM3lI9yeGCQ8I3BZKu-YX61NCTjRSX9A8RyD6L5X9BRhK9LhOO0soy4lzWpi6kUe8Ul0NxVcmXO4msrJ9-nNk9PddCW6LwN9AoexA1iGs_xSytsfD6Y843QLHj1_vCyLBR8PUYnDzJBpwvyOdYbeZCZOcxU8CieGEjeMI9vjqnx40zk4ZoThLKg4d9Ieqs8GGB8-EP2AoBgshr-uR9RV4lpcSOlwDUmZOBEQbMjlO2fGt9r9L2H4r72rSYCuN-FknzAMJgRdF4JYEfKf7NGrSvWKsKn2WOBG1MMSeb4k8qrzIxtPqsis0KT7X3zaDFBL7Ve9Wo7gf9GobD5AGjsZ2oQzThQITJwdiTKKa5izTTgPEbphfTre8-mAXDIq2XnWQ6TaTNoQZSbJWhsWb5r_-av73G8rZOK4dGw1K4aQosKM0mTsfx0h6UfSzC6_aAndF2BARuWnes6ON5YQzoYJmFfrAeujVq1apwMoA8yDkX2Ov17h591wZEY-526vZ11B8z_CtjG08EoKQi9sMFwu2NVL8ofvFxFnScL-TTfaGguD8vbijoFe7Tc_R-UUbWxEwJ9MWMQlLODtP6vAxDOEceb0r4gnPdQwpM-h8zoM05hGDNmog-ft1z0QYln1_EqxyuELoHY0NN2O8GN8JIPufcUoSCrWJ3XZAD6QE4g94FsJyyBzNAIme3ivYMGPh79Cg81hVpakPl2cc3sgD4F1xmWQ0I4jN1yc95uvgGztu2R0Y2H4KeqEzcFcJAzEwEyQt4R9DACS2zPd-WpchKjQYMgel1DCEYRqgNpfLbCiJBXXvwpcWhvebV9069bqfHe_aVKzkxs48Z6o45PR0GNBYnU6fK9o8yFUxX50aZ10ZrtuHoKUdBUKbDLI7kEYxQsB99Bf9Kwbm7Fgwkii-4_JNkHOp5WRmy09YQnAh2DJNjCrgfac2sAcNaZPTdK46HVMhW3JSUHLG7fmAgTIms3b6XROh-zYCzwLdBFlximDh-HlISx9WOTAsKbmOR0sPE4--AKBpgGl_qd6psnmCbkkaf2yajEQ-pZDUGIxZHC0LWIJ7aBOsbiKKEh0sRR1qeMygnEkBcGVtq4H3_HYrChKbEKzqFhbPjNA1s7XHT2ORUGN6KmOfTzvNmTlVra1g-HCj8a0FXU8Uid74U04iGaLUn9xGXxmRnWHKL4eg63ScNnILdG9vExEdZRtrFkwIGJXgfwEq5lObDD9cs4gxRBdx50rtVeIOivty3PIjSUAjvYZpLeD_ORu_ZMdHAh_miItpYlN5povTUaM8P8_ZMAeykFmZkpdxICMxbyr9Qp7CSYnu5y91xLfTYwpd2zrKlmdnOSnzDZ9naGouawYry07X8cZRY_hAHu5iygMecrBM6owqE5IX_uo6fE7NLCPRnPscWX7foYRjTpycDnzyg5Ta7WFALL7FdyV_ABkHwN8HMFBIP74corDj8rzM_4E_C5lWiNsSV9bLiTd6VIkYMQBFkZh-liBiwaIuLQWlHvIfWsh_pr74QyYEd9usGBVNwNMec84O75OtbJxNyAQ1dQuxktBWcEubX_gT0wPPKG6r5111lUTB_GNp0qD1w_HiO2jMy5X_CgE6TlFvgQqQ_t-FVTLoCTwkcf5yq9BbL3KOIowtrwkah_K6IWksJ-Jzi4LEzb31o2vmt2-ZBcp10Ktja-Km8ns926A43AnteP6dbcTpnNTtV6_-I5Vl7-ibEXTdfbv4Mr7Jnedv5qEkeXoEvv5haQI6Wldlir7Fi7oLYqLpOjsWr2pq-fJXPqfLQhbg6JzMnrdN-18AxStdYivVdANaWrsurHn2uKkxeozApPczeauTCiEcGKXAkowMj5YblUtJlWgIcW4bLJVLtLgckS9P4DCEB7YVpnZCj8BMrEEkazZ8-prUvAkYQ3tK9WS4U74myD5MZvW-H51avC63elfbBmP3CjAGtbFkmidM2W-24UAt__cgUGlgwgq9mmL-KpAOtbaYpQ0MupsCNz3det40W_r5Shrlx7CqWjutYIyRKjzE1AwmbKK8O9uHGG3CITZ4hgq5zcHDDpxo-h3mEnnSEcPFzJ5i-uS6-oIbHQIVRze4UWAY7aOBoql6dK9KtMUdrXUSlcjebFwfNPS3Zu5LalMNAKTfbikQr0eel-Q8BhnD7CZqjL218hP73Insbk_ECNAJ-ccRyQrs5tUJQGVDxlXl5Jh7W_EoXOTyCBizPELfdQHrAMPbgoqZmNHDBhym3XJSQBF3ExFDPLhPppYtaNF5ki9mgnJZbjnoBF4c-PtlvLs5_FFnt0_p17m10WKfey7fYxANnGczMnTWx7QYLNdt43vR0FX9Fjo6m17ePKUYp-nIAhMiOlXJ5VO_R0ccouJajD_EsidSIoxfrzktnCnJOoEJXOZ-xH9N0i53zfIMRn-x2V_mV44znNCmCUfv6mNDH_s1D_zRUDV5ru2TuSF5FLe7X-RGWmAFjid1nHcLE10Rpvih3FpFnBJ4399E0Cb33fr6meAUm-KdWO5cfcFYO6THB1Khh94n2U5XsRmbZVokgiObLbEyG7nVUeNP5oi0GzWjWNhn4a0kvIB4-pLRTbzUxSHcu9mQlEcmW2_ypcfYwxj3gYtxdctJU91yRNRMDfjGRzkQqFKy7Jvpx9ZzNFI5Vz5H6oFpydVM_sF69hPC8bq6JWyBAAvUK5CS5PyNrPpQKvBQUJpvt4SfL_URbC3BoeLLLDT08u1RY4IDU_l2VUuZ867QEYPDB6TMcfJzB8Q-kx4AzxrpC31PYMzWPuequqFlrVpouZjL9PhqoUiX42BFKYNfvOOjQXqX4tnuaymymkBHrE45qbikiPC5QpllOxGEb8cnhcL865EkUsg0r2h9pXu-Dlht2kqNFUiJ1XTE3R3zD77ewyWvLCdgHnyO8FZZ8gepm2K5YvRv4WgjKU-dq-OIpJWhBLltoC4x1bqOHgiYbSneY0k_v5RUqM2heCwUlKnA3fYgcvu4IhdXzh5obu_Ltd33zrD0QviUNwiQUt4deKzWMlpC7TmgTvCVOaaLOo52aX1fdRRYd0Pxo-kOIyXwroFMe1GaMjhf44wL3UcZvcOjV6dou2agtmiFo12aH5tkZPvsfUh8BAZSuiQWVGfYEBM_iM6Ee98J3EN2q74-_J7vcmTXO3Hg1WNNLAUnrbBAnLuAnbSk9-D7-hg1h0P4lTYFugJQQa6HvwTiZAZvwhsSzHVdXk80XP4Q_Ll2aE82MrMWqhbYtratEZhQQzpFX2ETDuynkjITTf4pR61rElQ7RsV9eLiufBV-jpHT-iMR6lwwFRF3MXZet2cFRZyFgSM25HfvR1JRfcEhkIv1jNL-hrtRCE3VBtZ63CtC3mxI3L8YfjNXfSirj1zvNIAfJjd86puJwXzep90OJPYdihJyILwT8aU8wmjsTjY5N7udmSgPG6yY3qOjk78ROmLDN7GtjwVwNuhjLTtzIILveSDAleyNV4V55h18CGFRwf7KTPyy817n7XvFcI5_0DYMi83An-wf6dwb-Hy0D6nTmWIT3yDPWLrgIzLIXjd71TTu03dXALG_cwvrDwMFSUmoNE1PTzkHWJch4NsDKGynZqpzGnnDDh2JxQAejxak8z5pEP0HS1nHWB1yi4&cid=CAASJORoHE-JH765QQ1P5veKlUNarj_wM3D0PHYzMPYInmIFRVxV0Q&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0db1f99730ce36725892ee85b10c16e8d10ed3e315ae69becbf47a7473928cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
59491
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=6048000
content-encoding
gzip
content-length
87
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 10:10:31 GMT
etag
3536584868236156801
expires
Thu, 01 Dec 2022 10:10:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 0307 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpgGCOk1jJNMYhAZxkJtZAi9TI0xyJFrTlJaldUpkuqooEVWVe80_NNjXEO8sQdaUUQ49jkBlo1WlN2EALyYHqlXfT3g&cry=1&dbm_d=AKAmf-BqJR2l7cTIGeXWoOnkbW0TqGkC7ttrt3QCcTZuECy6g4mAk957zq16yVm2wo8BIpH2aCXiXtWXLiWRMc8NC807c43zgcZ3CZN1yjFsBJjODOZi2nJFq6HIC0oVUZuuSBKucXEdP1fpoRKxHwjxELUYu3bQ56sHkwXQ1NGhrBpalfXuiVuf7JOXWtVsSkGfWMSj2M5E3yTRGJn6Hbgf9wFmWMpuLxZcyBaHJI_j0ixd3xlULTgBUl5IWO-3wXaQ7gQT8R5L3401BaPQ1hqajTEflI77kUKukYg9JR0lK6JE8tgoMh2rWJ1H6dzTnc3ieFsVr1kbVGRpPXfQ9C2TbmuY6yx3SkJf7UrjcVir2HZ2GfI6rhf6YqtjGAW6yDKoU4Jebvtr2eEJWPzwcpQl1_SsPa1xUusUNu3QBVO0UMT5ICmj5EW4gXBr0GswVM3lI9yeGCQ8I3BZKu-YX61NCTjRSX9A8RyD6L5X9BRhK9LhOO0soy4lzWpi6kUe8Ul0NxVcmXO4msrJ9-nNk9PddCW6LwN9AoexA1iGs_xSytsfD6Y843QLHj1_vCyLBR8PUYnDzJBpwvyOdYbeZCZOcxU8CieGEjeMI9vjqnx40zk4ZoThLKg4d9Ieqs8GGB8-EP2AoBgshr-uR9RV4lpcSOlwDUmZOBEQbMjlO2fGt9r9L2H4r72rSYCuN-FknzAMJgRdF4JYEfKf7NGrSvWKsKn2WOBG1MMSeb4k8qrzIxtPqsis0KT7X3zaDFBL7Ve9Wo7gf9GobD5AGjsZ2oQzThQITJwdiTKKa5izTTgPEbphfTre8-mAXDIq2XnWQ6TaTNoQZSbJWhsWb5r_-av73G8rZOK4dGw1K4aQosKM0mTsfx0h6UfSzC6_aAndF2BARuWnes6ON5YQzoYJmFfrAeujVq1apwMoA8yDkX2Ov17h591wZEY-526vZ11B8z_CtjG08EoKQi9sMFwu2NVL8ofvFxFnScL-TTfaGguD8vbijoFe7Tc_R-UUbWxEwJ9MWMQlLODtP6vAxDOEceb0r4gnPdQwpM-h8zoM05hGDNmog-ft1z0QYln1_EqxyuELoHY0NN2O8GN8JIPufcUoSCrWJ3XZAD6QE4g94FsJyyBzNAIme3ivYMGPh79Cg81hVpakPl2cc3sgD4F1xmWQ0I4jN1yc95uvgGztu2R0Y2H4KeqEzcFcJAzEwEyQt4R9DACS2zPd-WpchKjQYMgel1DCEYRqgNpfLbCiJBXXvwpcWhvebV9069bqfHe_aVKzkxs48Z6o45PR0GNBYnU6fK9o8yFUxX50aZ10ZrtuHoKUdBUKbDLI7kEYxQsB99Bf9Kwbm7Fgwkii-4_JNkHOp5WRmy09YQnAh2DJNjCrgfac2sAcNaZPTdK46HVMhW3JSUHLG7fmAgTIms3b6XROh-zYCzwLdBFlximDh-HlISx9WOTAsKbmOR0sPE4--AKBpgGl_qd6psnmCbkkaf2yajEQ-pZDUGIxZHC0LWIJ7aBOsbiKKEh0sRR1qeMygnEkBcGVtq4H3_HYrChKbEKzqFhbPjNA1s7XHT2ORUGN6KmOfTzvNmTlVra1g-HCj8a0FXU8Uid74U04iGaLUn9xGXxmRnWHKL4eg63ScNnILdG9vExEdZRtrFkwIGJXgfwEq5lObDD9cs4gxRBdx50rtVeIOivty3PIjSUAjvYZpLeD_ORu_ZMdHAh_miItpYlN5povTUaM8P8_ZMAeykFmZkpdxICMxbyr9Qp7CSYnu5y91xLfTYwpd2zrKlmdnOSnzDZ9naGouawYry07X8cZRY_hAHu5iygMecrBM6owqE5IX_uo6fE7NLCPRnPscWX7foYRjTpycDnzyg5Ta7WFALL7FdyV_ABkHwN8HMFBIP74corDj8rzM_4E_C5lWiNsSV9bLiTd6VIkYMQBFkZh-liBiwaIuLQWlHvIfWsh_pr74QyYEd9usGBVNwNMec84O75OtbJxNyAQ1dQuxktBWcEubX_gT0wPPKG6r5111lUTB_GNp0qD1w_HiO2jMy5X_CgE6TlFvgQqQ_t-FVTLoCTwkcf5yq9BbL3KOIowtrwkah_K6IWksJ-Jzi4LEzb31o2vmt2-ZBcp10Ktja-Km8ns926A43AnteP6dbcTpnNTtV6_-I5Vl7-ibEXTdfbv4Mr7Jnedv5qEkeXoEvv5haQI6Wldlir7Fi7oLYqLpOjsWr2pq-fJXPqfLQhbg6JzMnrdN-18AxStdYivVdANaWrsurHn2uKkxeozApPczeauTCiEcGKXAkowMj5YblUtJlWgIcW4bLJVLtLgckS9P4DCEB7YVpnZCj8BMrEEkazZ8-prUvAkYQ3tK9WS4U74myD5MZvW-H51avC63elfbBmP3CjAGtbFkmidM2W-24UAt__cgUGlgwgq9mmL-KpAOtbaYpQ0MupsCNz3det40W_r5Shrlx7CqWjutYIyRKjzE1AwmbKK8O9uHGG3CITZ4hgq5zcHDDpxo-h3mEnnSEcPFzJ5i-uS6-oIbHQIVRze4UWAY7aOBoql6dK9KtMUdrXUSlcjebFwfNPS3Zu5LalMNAKTfbikQr0eel-Q8BhnD7CZqjL218hP73Insbk_ECNAJ-ccRyQrs5tUJQGVDxlXl5Jh7W_EoXOTyCBizPELfdQHrAMPbgoqZmNHDBhym3XJSQBF3ExFDPLhPppYtaNF5ki9mgnJZbjnoBF4c-PtlvLs5_FFnt0_p17m10WKfey7fYxANnGczMnTWx7QYLNdt43vR0FX9Fjo6m17ePKUYp-nIAhMiOlXJ5VO_R0ccouJajD_EsidSIoxfrzktnCnJOoEJXOZ-xH9N0i53zfIMRn-x2V_mV44znNCmCUfv6mNDH_s1D_zRUDV5ru2TuSF5FLe7X-RGWmAFjid1nHcLE10Rpvih3FpFnBJ4399E0Cb33fr6meAUm-KdWO5cfcFYO6THB1Khh94n2U5XsRmbZVokgiObLbEyG7nVUeNP5oi0GzWjWNhn4a0kvIB4-pLRTbzUxSHcu9mQlEcmW2_ypcfYwxj3gYtxdctJU91yRNRMDfjGRzkQqFKy7Jvpx9ZzNFI5Vz5H6oFpydVM_sF69hPC8bq6JWyBAAvUK5CS5PyNrPpQKvBQUJpvt4SfL_URbC3BoeLLLDT08u1RY4IDU_l2VUuZ867QEYPDB6TMcfJzB8Q-kx4AzxrpC31PYMzWPuequqFlrVpouZjL9PhqoUiX42BFKYNfvOOjQXqX4tnuaymymkBHrE45qbikiPC5QpllOxGEb8cnhcL865EkUsg0r2h9pXu-Dlht2kqNFUiJ1XTE3R3zD77ewyWvLCdgHnyO8FZZ8gepm2K5YvRv4WgjKU-dq-OIpJWhBLltoC4x1bqOHgiYbSneY0k_v5RUqM2heCwUlKnA3fYgcvu4IhdXzh5obu_Ltd33zrD0QviUNwiQUt4deKzWMlpC7TmgTvCVOaaLOo52aX1fdRRYd0Pxo-kOIyXwroFMe1GaMjhf44wL3UcZvcOjV6dou2agtmiFo12aH5tkZPvsfUh8BAZSuiQWVGfYEBM_iM6Ee98J3EN2q74-_J7vcmTXO3Hg1WNNLAUnrbBAnLuAnbSk9-D7-hg1h0P4lTYFugJQQa6HvwTiZAZvwhsSzHVdXk80XP4Q_Ll2aE82MrMWqhbYtratEZhQQzpFX2ETDuynkjITTf4pR61rElQ7RsV9eLiufBV-jpHT-iMR6lwwFRF3MXZet2cFRZyFgSM25HfvR1JRfcEhkIv1jNL-hrtRCE3VBtZ63CtC3mxI3L8YfjNXfSirj1zvNIAfJjd86puJwXzep90OJPYdihJyILwT8aU8wmjsTjY5N7udmSgPG6yY3qOjk78ROmLDN7GtjwVwNuhjLTtzIILveSDAleyNV4V55h18CGFRwf7KTPyy817n7XvFcI5_0DYMi83An-wf6dwb-Hy0D6nTmWIT3yDPWLrgIzLIXjd71TTu03dXALG_cwvrDwMFSUmoNE1PTzkHWJch4NsDKGynZqpzGnnDDh2JxQAejxak8z5pEP0HS1nHWB1yi4&cid=CAASJORoHE-JH765QQ1P5veKlUNarj_wM3D0PHYzMPYInmIFRVxV0Q&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:07:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 0307 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpgGCOk1jJNMYhAZxkJtZAi9TI0xyJFrTlJaldUpkuqooEVWVe80_NNjXEO8sQdaUUQ49jkBlo1WlN2EALyYHqlXfT3g&cry=1&dbm_d=AKAmf-BqJR2l7cTIGeXWoOnkbW0TqGkC7ttrt3QCcTZuECy6g4mAk957zq16yVm2wo8BIpH2aCXiXtWXLiWRMc8NC807c43zgcZ3CZN1yjFsBJjODOZi2nJFq6HIC0oVUZuuSBKucXEdP1fpoRKxHwjxELUYu3bQ56sHkwXQ1NGhrBpalfXuiVuf7JOXWtVsSkGfWMSj2M5E3yTRGJn6Hbgf9wFmWMpuLxZcyBaHJI_j0ixd3xlULTgBUl5IWO-3wXaQ7gQT8R5L3401BaPQ1hqajTEflI77kUKukYg9JR0lK6JE8tgoMh2rWJ1H6dzTnc3ieFsVr1kbVGRpPXfQ9C2TbmuY6yx3SkJf7UrjcVir2HZ2GfI6rhf6YqtjGAW6yDKoU4Jebvtr2eEJWPzwcpQl1_SsPa1xUusUNu3QBVO0UMT5ICmj5EW4gXBr0GswVM3lI9yeGCQ8I3BZKu-YX61NCTjRSX9A8RyD6L5X9BRhK9LhOO0soy4lzWpi6kUe8Ul0NxVcmXO4msrJ9-nNk9PddCW6LwN9AoexA1iGs_xSytsfD6Y843QLHj1_vCyLBR8PUYnDzJBpwvyOdYbeZCZOcxU8CieGEjeMI9vjqnx40zk4ZoThLKg4d9Ieqs8GGB8-EP2AoBgshr-uR9RV4lpcSOlwDUmZOBEQbMjlO2fGt9r9L2H4r72rSYCuN-FknzAMJgRdF4JYEfKf7NGrSvWKsKn2WOBG1MMSeb4k8qrzIxtPqsis0KT7X3zaDFBL7Ve9Wo7gf9GobD5AGjsZ2oQzThQITJwdiTKKa5izTTgPEbphfTre8-mAXDIq2XnWQ6TaTNoQZSbJWhsWb5r_-av73G8rZOK4dGw1K4aQosKM0mTsfx0h6UfSzC6_aAndF2BARuWnes6ON5YQzoYJmFfrAeujVq1apwMoA8yDkX2Ov17h591wZEY-526vZ11B8z_CtjG08EoKQi9sMFwu2NVL8ofvFxFnScL-TTfaGguD8vbijoFe7Tc_R-UUbWxEwJ9MWMQlLODtP6vAxDOEceb0r4gnPdQwpM-h8zoM05hGDNmog-ft1z0QYln1_EqxyuELoHY0NN2O8GN8JIPufcUoSCrWJ3XZAD6QE4g94FsJyyBzNAIme3ivYMGPh79Cg81hVpakPl2cc3sgD4F1xmWQ0I4jN1yc95uvgGztu2R0Y2H4KeqEzcFcJAzEwEyQt4R9DACS2zPd-WpchKjQYMgel1DCEYRqgNpfLbCiJBXXvwpcWhvebV9069bqfHe_aVKzkxs48Z6o45PR0GNBYnU6fK9o8yFUxX50aZ10ZrtuHoKUdBUKbDLI7kEYxQsB99Bf9Kwbm7Fgwkii-4_JNkHOp5WRmy09YQnAh2DJNjCrgfac2sAcNaZPTdK46HVMhW3JSUHLG7fmAgTIms3b6XROh-zYCzwLdBFlximDh-HlISx9WOTAsKbmOR0sPE4--AKBpgGl_qd6psnmCbkkaf2yajEQ-pZDUGIxZHC0LWIJ7aBOsbiKKEh0sRR1qeMygnEkBcGVtq4H3_HYrChKbEKzqFhbPjNA1s7XHT2ORUGN6KmOfTzvNmTlVra1g-HCj8a0FXU8Uid74U04iGaLUn9xGXxmRnWHKL4eg63ScNnILdG9vExEdZRtrFkwIGJXgfwEq5lObDD9cs4gxRBdx50rtVeIOivty3PIjSUAjvYZpLeD_ORu_ZMdHAh_miItpYlN5povTUaM8P8_ZMAeykFmZkpdxICMxbyr9Qp7CSYnu5y91xLfTYwpd2zrKlmdnOSnzDZ9naGouawYry07X8cZRY_hAHu5iygMecrBM6owqE5IX_uo6fE7NLCPRnPscWX7foYRjTpycDnzyg5Ta7WFALL7FdyV_ABkHwN8HMFBIP74corDj8rzM_4E_C5lWiNsSV9bLiTd6VIkYMQBFkZh-liBiwaIuLQWlHvIfWsh_pr74QyYEd9usGBVNwNMec84O75OtbJxNyAQ1dQuxktBWcEubX_gT0wPPKG6r5111lUTB_GNp0qD1w_HiO2jMy5X_CgE6TlFvgQqQ_t-FVTLoCTwkcf5yq9BbL3KOIowtrwkah_K6IWksJ-Jzi4LEzb31o2vmt2-ZBcp10Ktja-Km8ns926A43AnteP6dbcTpnNTtV6_-I5Vl7-ibEXTdfbv4Mr7Jnedv5qEkeXoEvv5haQI6Wldlir7Fi7oLYqLpOjsWr2pq-fJXPqfLQhbg6JzMnrdN-18AxStdYivVdANaWrsurHn2uKkxeozApPczeauTCiEcGKXAkowMj5YblUtJlWgIcW4bLJVLtLgckS9P4DCEB7YVpnZCj8BMrEEkazZ8-prUvAkYQ3tK9WS4U74myD5MZvW-H51avC63elfbBmP3CjAGtbFkmidM2W-24UAt__cgUGlgwgq9mmL-KpAOtbaYpQ0MupsCNz3det40W_r5Shrlx7CqWjutYIyRKjzE1AwmbKK8O9uHGG3CITZ4hgq5zcHDDpxo-h3mEnnSEcPFzJ5i-uS6-oIbHQIVRze4UWAY7aOBoql6dK9KtMUdrXUSlcjebFwfNPS3Zu5LalMNAKTfbikQr0eel-Q8BhnD7CZqjL218hP73Insbk_ECNAJ-ccRyQrs5tUJQGVDxlXl5Jh7W_EoXOTyCBizPELfdQHrAMPbgoqZmNHDBhym3XJSQBF3ExFDPLhPppYtaNF5ki9mgnJZbjnoBF4c-PtlvLs5_FFnt0_p17m10WKfey7fYxANnGczMnTWx7QYLNdt43vR0FX9Fjo6m17ePKUYp-nIAhMiOlXJ5VO_R0ccouJajD_EsidSIoxfrzktnCnJOoEJXOZ-xH9N0i53zfIMRn-x2V_mV44znNCmCUfv6mNDH_s1D_zRUDV5ru2TuSF5FLe7X-RGWmAFjid1nHcLE10Rpvih3FpFnBJ4399E0Cb33fr6meAUm-KdWO5cfcFYO6THB1Khh94n2U5XsRmbZVokgiObLbEyG7nVUeNP5oi0GzWjWNhn4a0kvIB4-pLRTbzUxSHcu9mQlEcmW2_ypcfYwxj3gYtxdctJU91yRNRMDfjGRzkQqFKy7Jvpx9ZzNFI5Vz5H6oFpydVM_sF69hPC8bq6JWyBAAvUK5CS5PyNrPpQKvBQUJpvt4SfL_URbC3BoeLLLDT08u1RY4IDU_l2VUuZ867QEYPDB6TMcfJzB8Q-kx4AzxrpC31PYMzWPuequqFlrVpouZjL9PhqoUiX42BFKYNfvOOjQXqX4tnuaymymkBHrE45qbikiPC5QpllOxGEb8cnhcL865EkUsg0r2h9pXu-Dlht2kqNFUiJ1XTE3R3zD77ewyWvLCdgHnyO8FZZ8gepm2K5YvRv4WgjKU-dq-OIpJWhBLltoC4x1bqOHgiYbSneY0k_v5RUqM2heCwUlKnA3fYgcvu4IhdXzh5obu_Ltd33zrD0QviUNwiQUt4deKzWMlpC7TmgTvCVOaaLOo52aX1fdRRYd0Pxo-kOIyXwroFMe1GaMjhf44wL3UcZvcOjV6dou2agtmiFo12aH5tkZPvsfUh8BAZSuiQWVGfYEBM_iM6Ee98J3EN2q74-_J7vcmTXO3Hg1WNNLAUnrbBAnLuAnbSk9-D7-hg1h0P4lTYFugJQQa6HvwTiZAZvwhsSzHVdXk80XP4Q_Ll2aE82MrMWqhbYtratEZhQQzpFX2ETDuynkjITTf4pR61rElQ7RsV9eLiufBV-jpHT-iMR6lwwFRF3MXZet2cFRZyFgSM25HfvR1JRfcEhkIv1jNL-hrtRCE3VBtZ63CtC3mxI3L8YfjNXfSirj1zvNIAfJjd86puJwXzep90OJPYdihJyILwT8aU8wmjsTjY5N7udmSgPG6yY3qOjk78ROmLDN7GtjwVwNuhjLTtzIILveSDAleyNV4V55h18CGFRwf7KTPyy817n7XvFcI5_0DYMi83An-wf6dwb-Hy0D6nTmWIT3yDPWLrgIzLIXjd71TTu03dXALG_cwvrDwMFSUmoNE1PTzkHWJch4NsDKGynZqpzGnnDDh2JxQAejxak8z5pEP0HS1nHWB1yi4&cid=CAASJORoHE-JH765QQ1P5veKlUNarj_wM3D0PHYzMPYInmIFRVxV0Q&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:27:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0307 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvaLg-SstIfJ-Ud4_dLk8dVN3tzxe-9jQrX1LfM_mfHQIyvVNs1TDa03240prBh8m5xG3djeEi02sz-vQS3GRmZPFQxITamxsV3e_BqcDBVp_mWOwMKFDushuToRgl4PGtEbngowSwgtfITiRK_RwiJvbvE9DOGXK5LIFJtvXbb3aaqJUq7s0BOMt8y_5adogVuoAVBt55d3HlSJ-4LTR-6zQA88vm2oHjcwFrVre0jdm8mwSHHqgKZqlItXfwHYPUB5eQcgrpFAzDni0TIPk5C9RwC4-E_kdSy2lyv22wai-gBjsgCcOhrgeRic9rbnLRfK9EpEk3iH3NCetVd8AsD-aPY54LISfwmKkIwowCpyzFCAX0hZfziWE5ElajLmQKJhiNpbtsVLo-Vh0XvwKSJcnRuY3WE4qgW_L_KTkYlkNLJIJrSBDmw_6oVSJ1j3wM8UYFuhhKgvnFQz5B2HpiKIm6Nq1GPALkLsiHxwvEdl54vWf_F8rWYbi2WHnFhhIuS7DldOIW6mZL__rLUC9XXH_gbHGXor_F9rRhG110gbG6C18e2rUE_EOE8pgRGlxMyS4jGvoihuJO_Q32wDQAj1kPka2_HD6zfLLyNbfyZ6Laj1yEtlm-gjXz4f1BMHqyrYe3uopVKvoZP3SJFcUsT8RzycCu94JdlBKkZXzcn1AGZ1dG03RCRM9NV0hU1Kr2cBAdpUMeQ3BVoyX4Pe9t7uCrb33Eq1f259wOLP9hO2tuIkdDZgVnoSKsYajyHgHnaWW9UiREpf_EUKTbIqim5Te55wAtmqXdMerZ0SDH6ApQZ1RQfWCii5Dxv1JW_a2R2-Yqc9f5PhRoRrzf2XdnqGdp06WksJMX7aQ38aH0ZbrvF2x0e2FegQ9lUIxeWKsFe44yW7gCZm02c__SzLxmG6UD5I5t872CG8YfQ7qYIXgRtxglhVC8PXt4usITTSHV7znvmJu6zmtg_6556uTLNA5NJ8Xqy5AHZgkcBh_satXzB_17X3gA00cDwphEaWDKzwtDFboGOczijdmIy4tX87RvXGnI5ZJE41zhUWZlyLdLBSYjz2IcHAPxgCyn9YGdKUpqjie3zwFm37mOMf_h3FuhsFLWmwnA_IuiyrgYSNsvsp0qUCGkMsONIHwT39kZFmOBRGnUXTtfCiL5-nPk3Dq1-po1LoRiCCsmxwfxCqirn1GeYdO7Q3_uBGfqgW0i_QVrGjuQk0-83w9pugRmq4k7In5cioaxeouqtOtvxCE1-vkSFb9W-TWihgQ8OBybdrxEy1ZCeXjKjXcNjp2joFK643MsfeoCdjAEPJ_MHCvisINSTcJj6n3ujAkkqZtCKV51nsigW6SrzQ6pholFCUFEEbgYw0lk&sai=AMfl-YTYFWGraM4tfRp2VmjrPLdo1Q9qcnLGrxebwIMCVG9GvxPbrYtKnzXkq5tdUAZI6uaqpMT8fsAuOHBp-4MqhH0_B8aJyHZZheN9-oR6kAY1G2Q1i6cTPeHEqgh_oH4t2OO9XaN_K9UCKnQsJDZ1RYAG1gvkW_UyQy1POuAtbSfqB85qYq3z1XCKFy6Agz5SvexGfgLTJdc-Jnohy7EeXA&sig=Cg0ArKJSzFjm9j8r2hOuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=2&dett=2&cstd=0&cisv=r20220921.17545&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpgGCOk1jJNMYhAZxkJtZAi9TI0xyJFrTlJaldUpkuqooEVWVe80_NNjXEO8sQdaUUQ49jkBlo1WlN2EALyYHqlXfT3g&cry=1&dbm_d=AKAmf-BqJR2l7cTIGeXWoOnkbW0TqGkC7ttrt3QCcTZuECy6g4mAk957zq16yVm2wo8BIpH2aCXiXtWXLiWRMc8NC807c43zgcZ3CZN1yjFsBJjODOZi2nJFq6HIC0oVUZuuSBKucXEdP1fpoRKxHwjxELUYu3bQ56sHkwXQ1NGhrBpalfXuiVuf7JOXWtVsSkGfWMSj2M5E3yTRGJn6Hbgf9wFmWMpuLxZcyBaHJI_j0ixd3xlULTgBUl5IWO-3wXaQ7gQT8R5L3401BaPQ1hqajTEflI77kUKukYg9JR0lK6JE8tgoMh2rWJ1H6dzTnc3ieFsVr1kbVGRpPXfQ9C2TbmuY6yx3SkJf7UrjcVir2HZ2GfI6rhf6YqtjGAW6yDKoU4Jebvtr2eEJWPzwcpQl1_SsPa1xUusUNu3QBVO0UMT5ICmj5EW4gXBr0GswVM3lI9yeGCQ8I3BZKu-YX61NCTjRSX9A8RyD6L5X9BRhK9LhOO0soy4lzWpi6kUe8Ul0NxVcmXO4msrJ9-nNk9PddCW6LwN9AoexA1iGs_xSytsfD6Y843QLHj1_vCyLBR8PUYnDzJBpwvyOdYbeZCZOcxU8CieGEjeMI9vjqnx40zk4ZoThLKg4d9Ieqs8GGB8-EP2AoBgshr-uR9RV4lpcSOlwDUmZOBEQbMjlO2fGt9r9L2H4r72rSYCuN-FknzAMJgRdF4JYEfKf7NGrSvWKsKn2WOBG1MMSeb4k8qrzIxtPqsis0KT7X3zaDFBL7Ve9Wo7gf9GobD5AGjsZ2oQzThQITJwdiTKKa5izTTgPEbphfTre8-mAXDIq2XnWQ6TaTNoQZSbJWhsWb5r_-av73G8rZOK4dGw1K4aQosKM0mTsfx0h6UfSzC6_aAndF2BARuWnes6ON5YQzoYJmFfrAeujVq1apwMoA8yDkX2Ov17h591wZEY-526vZ11B8z_CtjG08EoKQi9sMFwu2NVL8ofvFxFnScL-TTfaGguD8vbijoFe7Tc_R-UUbWxEwJ9MWMQlLODtP6vAxDOEceb0r4gnPdQwpM-h8zoM05hGDNmog-ft1z0QYln1_EqxyuELoHY0NN2O8GN8JIPufcUoSCrWJ3XZAD6QE4g94FsJyyBzNAIme3ivYMGPh79Cg81hVpakPl2cc3sgD4F1xmWQ0I4jN1yc95uvgGztu2R0Y2H4KeqEzcFcJAzEwEyQt4R9DACS2zPd-WpchKjQYMgel1DCEYRqgNpfLbCiJBXXvwpcWhvebV9069bqfHe_aVKzkxs48Z6o45PR0GNBYnU6fK9o8yFUxX50aZ10ZrtuHoKUdBUKbDLI7kEYxQsB99Bf9Kwbm7Fgwkii-4_JNkHOp5WRmy09YQnAh2DJNjCrgfac2sAcNaZPTdK46HVMhW3JSUHLG7fmAgTIms3b6XROh-zYCzwLdBFlximDh-HlISx9WOTAsKbmOR0sPE4--AKBpgGl_qd6psnmCbkkaf2yajEQ-pZDUGIxZHC0LWIJ7aBOsbiKKEh0sRR1qeMygnEkBcGVtq4H3_HYrChKbEKzqFhbPjNA1s7XHT2ORUGN6KmOfTzvNmTlVra1g-HCj8a0FXU8Uid74U04iGaLUn9xGXxmRnWHKL4eg63ScNnILdG9vExEdZRtrFkwIGJXgfwEq5lObDD9cs4gxRBdx50rtVeIOivty3PIjSUAjvYZpLeD_ORu_ZMdHAh_miItpYlN5povTUaM8P8_ZMAeykFmZkpdxICMxbyr9Qp7CSYnu5y91xLfTYwpd2zrKlmdnOSnzDZ9naGouawYry07X8cZRY_hAHu5iygMecrBM6owqE5IX_uo6fE7NLCPRnPscWX7foYRjTpycDnzyg5Ta7WFALL7FdyV_ABkHwN8HMFBIP74corDj8rzM_4E_C5lWiNsSV9bLiTd6VIkYMQBFkZh-liBiwaIuLQWlHvIfWsh_pr74QyYEd9usGBVNwNMec84O75OtbJxNyAQ1dQuxktBWcEubX_gT0wPPKG6r5111lUTB_GNp0qD1w_HiO2jMy5X_CgE6TlFvgQqQ_t-FVTLoCTwkcf5yq9BbL3KOIowtrwkah_K6IWksJ-Jzi4LEzb31o2vmt2-ZBcp10Ktja-Km8ns926A43AnteP6dbcTpnNTtV6_-I5Vl7-ibEXTdfbv4Mr7Jnedv5qEkeXoEvv5haQI6Wldlir7Fi7oLYqLpOjsWr2pq-fJXPqfLQhbg6JzMnrdN-18AxStdYivVdANaWrsurHn2uKkxeozApPczeauTCiEcGKXAkowMj5YblUtJlWgIcW4bLJVLtLgckS9P4DCEB7YVpnZCj8BMrEEkazZ8-prUvAkYQ3tK9WS4U74myD5MZvW-H51avC63elfbBmP3CjAGtbFkmidM2W-24UAt__cgUGlgwgq9mmL-KpAOtbaYpQ0MupsCNz3det40W_r5Shrlx7CqWjutYIyRKjzE1AwmbKK8O9uHGG3CITZ4hgq5zcHDDpxo-h3mEnnSEcPFzJ5i-uS6-oIbHQIVRze4UWAY7aOBoql6dK9KtMUdrXUSlcjebFwfNPS3Zu5LalMNAKTfbikQr0eel-Q8BhnD7CZqjL218hP73Insbk_ECNAJ-ccRyQrs5tUJQGVDxlXl5Jh7W_EoXOTyCBizPELfdQHrAMPbgoqZmNHDBhym3XJSQBF3ExFDPLhPppYtaNF5ki9mgnJZbjnoBF4c-PtlvLs5_FFnt0_p17m10WKfey7fYxANnGczMnTWx7QYLNdt43vR0FX9Fjo6m17ePKUYp-nIAhMiOlXJ5VO_R0ccouJajD_EsidSIoxfrzktnCnJOoEJXOZ-xH9N0i53zfIMRn-x2V_mV44znNCmCUfv6mNDH_s1D_zRUDV5ru2TuSF5FLe7X-RGWmAFjid1nHcLE10Rpvih3FpFnBJ4399E0Cb33fr6meAUm-KdWO5cfcFYO6THB1Khh94n2U5XsRmbZVokgiObLbEyG7nVUeNP5oi0GzWjWNhn4a0kvIB4-pLRTbzUxSHcu9mQlEcmW2_ypcfYwxj3gYtxdctJU91yRNRMDfjGRzkQqFKy7Jvpx9ZzNFI5Vz5H6oFpydVM_sF69hPC8bq6JWyBAAvUK5CS5PyNrPpQKvBQUJpvt4SfL_URbC3BoeLLLDT08u1RY4IDU_l2VUuZ867QEYPDB6TMcfJzB8Q-kx4AzxrpC31PYMzWPuequqFlrVpouZjL9PhqoUiX42BFKYNfvOOjQXqX4tnuaymymkBHrE45qbikiPC5QpllOxGEb8cnhcL865EkUsg0r2h9pXu-Dlht2kqNFUiJ1XTE3R3zD77ewyWvLCdgHnyO8FZZ8gepm2K5YvRv4WgjKU-dq-OIpJWhBLltoC4x1bqOHgiYbSneY0k_v5RUqM2heCwUlKnA3fYgcvu4IhdXzh5obu_Ltd33zrD0QviUNwiQUt4deKzWMlpC7TmgTvCVOaaLOo52aX1fdRRYd0Pxo-kOIyXwroFMe1GaMjhf44wL3UcZvcOjV6dou2agtmiFo12aH5tkZPvsfUh8BAZSuiQWVGfYEBM_iM6Ee98J3EN2q74-_J7vcmTXO3Hg1WNNLAUnrbBAnLuAnbSk9-D7-hg1h0P4lTYFugJQQa6HvwTiZAZvwhsSzHVdXk80XP4Q_Ll2aE82MrMWqhbYtratEZhQQzpFX2ETDuynkjITTf4pR61rElQ7RsV9eLiufBV-jpHT-iMR6lwwFRF3MXZet2cFRZyFgSM25HfvR1JRfcEhkIv1jNL-hrtRCE3VBtZ63CtC3mxI3L8YfjNXfSirj1zvNIAfJjd86puJwXzep90OJPYdihJyILwT8aU8wmjsTjY5N7udmSgPG6yY3qOjk78ROmLDN7GtjwVwNuhjLTtzIILveSDAleyNV4V55h18CGFRwf7KTPyy817n7XvFcI5_0DYMi83An-wf6dwb-Hy0D6nTmWIT3yDPWLrgIzLIXjd71TTu03dXALG_cwvrDwMFSUmoNE1PTzkHWJch4NsDKGynZqpzGnnDDh2JxQAejxak8z5pEP0HS1nHWB1yi4&cid=CAASJORoHE-JH765QQ1P5veKlUNarj_wM3D0PHYzMPYInmIFRVxV0Q&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 23 Sep 2022 02:42:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame CC9B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 23:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 23:30:01 GMT
passback_970x250.js
static.adsafeprotected.com/ Frame 709D
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1153048/65870243/skeleton.js?ias_dspID=3&ias_campId=1009216945&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=18381994235&bidurl=https://subject.c...
  • https://static.adsafeprotected.com/passback_970x250.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_970x250.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:236e:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
.AUJIbFgg5lm.Sl5dxN6YT6RZNYioRMX
content-encoding
gzip
etag
W/"094948b2d1170876fb8e76e432d87da6"
age
507652
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:56 GMT
server
AmazonS3
date
Fri, 23 Sep 2022 02:07:25 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
VHC7jn5pBUucSF1SF8p2QiO_J23wVGXVV69QSJV_hiQkL4MzcCznWw==

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_970x250.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8D58 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
126346
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P1
content-type
application/javascript
x-amz-cf-id
nBpnGtQf9otSuvcAKOFjAxdtOoAYZ4DyIT2MOFbf1mHqU8GCwL6AbQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame F579 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu22vw6i3QwyxxJhcNaznWxcUN1cdlFfgGZHc-733urUGDs17jDFZxYqKrH7a-P43COQxbDOSF2pz2JBMgf32JeHPU1NosBVg2yCb3QDzkcU5I6baBWdDOgqzgPqA7g14rkzRDRug&sai=AMfl-YTGLpneYQXmJ7LvEofbxIthtS6aUA3svYev3QChu3qzE1DR-ZFON7Y7atuHCw7xp2iC_dAtR80j2YY6&sig=Cg0ArKJSzAVO_MtsBakfEAE&id=lidar2&mcvt=1074&p=0,1,124.25,1006&mtos=0,912,1074,1074,1074&tos=0,912,162,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=0.77&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663900921080&rpt=452&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 709D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153048&asId=3a94553b-3088-a17f-2c28-16af3ce6b3e1&tv=%7Bc:p0a4QH,pingTime:-3,time:396,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:331%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:396,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:331,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tidMHwr+11%7C12%7C131%7C14%7C15%7C16%7C1711%7C181%7C182%7C191%7C192%7C1a*.1153048-65870243%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f,idMap:1a*,rmeas:1,rend:0,renddet:na,siq:332%7D&br=c
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 709D 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153048&asId=3a94553b-3088-a17f-2c28-16af3ce6b3e1&tv=%7Bc:p0a4QI,pingTime:-6,time:397,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:397,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:331,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tidMHwr+11%7C12%7C131%7C14%7C15%7C16%7C1711%7C181%7C182%7C191%7C192%7C1a*.1153048-65870243%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f,idMap:1a*,rmeas:1,rend:0,renddet:na,siq:332%7D&tpiLookup=ao:subject.com.ua*&br=c
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
mraid.js
googleads.g.doubleclick.net/pagead/s/xfa/ Frame CBB5 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/s/xfa/mraid.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 14:17:12 GMT
x-content-type-options
nosniff
server
cafe
age
44690
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 23 Sep 2022 14:17:12 GMT
new-tag.min.js
cdn.somplo.com/prod/test/251119/ Frame CBB5 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.somplo.com/prod/test/251119/new-tag.min.js?cb=8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
61539205d56624d72efb22ae6dc279637588ba1c0f5725047d1767126ea0130b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
am3-up-gc89, fr5-up-gc38
date
Fri, 23 Sep 2022 02:42:03 GMT
via
1.1 7f71f5258c6bbee046a26011fbbfa996.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
35520
last-modified
Mon, 28 Mar 2022 08:10:45 GMT
server
nginx
etag
"1ae62b0367e3f6f7d0418c15050b13e5"
vary
Content-Type
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=345600
cache
MISS, HIT
accept-ranges
bytes
x-cached-since
2022-09-19T22:44:51+00:00
x-amz-cf-id
B9FBURQviv20w-wmwXGfoJdk1uUUGy5FKCO8rvjotFSo2EV5jmBEYw==
expires
Tue, 27 Sep 2022 02:42:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C41D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
62317
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0307 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b620e372603cc4456c6dc951b0e5842a4b547082cf5afb43a9ec4197608924de

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		443 KB
444 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash
f2985ff1aa24da33cb50632ba0daed5632c90cd761f6a53c56084988c4ae4cc2

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-453831

Response headers

Date
Fri, 23 Sep 2022 02:42:02 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.20.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 0-453831/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
453832
Expires
Sat, 23 Sep 2023 02:42:02 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Fri, 23 Sep 2022 02:42:02 GMT
Expires
Sat, 23 Sep 2023 02:42:02 GMT
Server
nginx/1.20.1
dt
dt.adsafeprotected.com/ Frame 709D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153048&asId=3a94553b-3088-a17f-2c28-16af3ce6b3e1&tv=%7Bc:p0a4RF,pingTime:-2,time:456,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:655,beZ:656,mfA:969,cmA:970,inA:971,inZ:975,prA:975,prZ:981,si:986,poA:987,poZ:1000,cmZ:1000,mfZ:1000,loA:1052,loZ:1054,ltA:1110,ltZ:1110,mdA:656,mdZ:877%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:331%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:456,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:331,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B138~0%5D,as:%5B138~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tidMHwr+11%7C12%7C131%7C14%7C15%7C16%7C1711%7C181%7C182%7C191%7C192%7C1a*.1153048-65870243%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:332,sinceFw:123,readyFired:true%7D&br=c
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
container.html
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C59 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:00 GMT
expires
Sat, 23 Sep 2023 02:42:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bg_970x250.jpg
s0.2mdn.net/sadbundle/16765942516236316711/images/ Frame B4C8 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16765942516236316711/images/bg_970x250.jpg?1661263323994
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
921f745101206978b094d9a98bc47b50f9838bb836ecece4722f439ba0ff3d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 18:02:48 GMT
x-content-type-options
nosniff
age
549554
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26810
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:09:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 18:02:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 709D 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3uE1M95ZekMCi2DxvUFQVPVshPhR-qPHuKnseFaEEAV2jz3fdDMohZ4JrmHzUzvi_d4YlelNPcctitnYpDFUJpF5LnrJPKzsuNWBB9MKpTxW5pPTFStaXgNCZxGdPOVOdOCAU9i6I0EH-bZwzueM6gxzmjFOqrPsKFZjL-8CUFZhKTcvEbGG8gMwRSyYw9D-G03edYlog8ktvihBnD6KLonmGLjEjPruRn-3Q33Y-fo2r_mFKR1V-vSKA2hwoYkiVo6DKeYCita2YV8TQyV6e6-Sp82cCjjOtJl0yrHwC3y6I_u4SFg7cAPILlt5MlFUhanAqDKJKe-M2Bj0W6gQ8FACyStsJ5MauhXESqSsVJhTIlWgN9FytYHd3fCPTE7wW08lrdrPQ4sn_IHojtY0mopTJ_-AhRQWpWz8xfgslFRX9jdul71HfEYrocCu14LSRkDPp9m8MhTBn04fSoTLTbH-bLXeaa1tCHd4yez7ZuPPdrnazCFl3KQ4jEyvfOW9Rz5Sd1Yd_JcaIa7XLcGTEwYaAEoD0h0vdtWZIVp4fv-OOQ-sX6l6O5VZp9YIPkq44WaHB_5VclZQFUsSzvIo__PxN0oMYVeRkpeGci2-UHmmW7X0j6RPdzy407OPX8tUNWbJSEzgXqAOX8uU8BIDtOvldsfTWU8upLgpK_70JEUcs1qLwYga2S6RQ9hPT1x8a5W0b4-08F9_PbIiMdedORPRy6qNV7vAOqqClbZWu0QcpKwMuG6eIcSOgBw1HOJWzjrHqrcX3IPMWVoW5IXjJZO58a9aDinmaza7-MkoF_I96Bm58HKAi5RXdX4MMZj3gOlSNA0aXAirwfrj8e_fhB-pt5t3jN-rgj4Xh81ZliSKIpxd7jPWGF5hnZ7FSbmAgQfL7sGdFBcKVUK_u2RCHiDn4bBrjdKoPjAybvyTHAYhihDS-1UWJBymra2a7opzqhEqxKIOn2jRD4cif6PGdOghwWLo4ksZkRcvbepBK2OZzVPAnmInCM81Zqya-LJsqavW6whOkvPGT3K4QZWCiw_wxI6LQtftV5jt7RAl0c2ggT4afDpRF9H2pXWt16Gyk_R7Np95KtP9P0dr1w30CkT315bGR6NtY0z1pwiunp8yDTvuNXShNab1xUPSabuHAqPtWo1k1eNmExCXzxCPcIIiE151HfzmbrTJV_X_xj5mznYIQFEZrlJC_QcR2qjLbpAyScA6DlF9bO9I0dWWCRkztPx__58hKSUOK591W_WkX4-ykACix5T8&sai=AMfl-YTXqy7AvyjpCeudLFkF66m3NpsCVeLT2KFAwKbiK9wshisMVTOaGN3NpCtms6nX1fDQuT39EM1IEsqn4HjFLQfO6ZQdQi8a2r9iVAwwPCJ-ltTUIOkbjv1I6hGbCDIq43fBrV4fyEjwoqEfU8Y9oslra8iFlvrDpspTf1rh3J_kiLZMc63sWQJweKO66e2fOVyEu95AB_66lZCUxjO-_g&sig=Cg0ArKJSzNvz0d59lpciEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=810&vt=11&dtpt=452&dett=3&cstd=355&cisv=r20220921.65065&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
platforms_vertical.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/ Frame 6BD7 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/platforms_vertical.svg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3774f96df5da66523ee060a53a0b5221a2dbdf5d5f542e8f63b54fc1d4ca07d2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
216236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3533
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 20:50:11 GMT
server
sffe
date
Tue, 20 Sep 2022 14:38:06 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 20 Sep 2023 14:38:06 GMT
platforms_hoizontalr.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/ Frame 6BD7 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/platforms_hoizontalr.svg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a951ac92c418022235c97c9f3ebee0d29306143b80a93870608c15dff8c0421
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
286398
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3592
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 20:50:11 GMT
server
sffe
date
Mon, 19 Sep 2022 19:08:44 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Sep 2023 19:08:44 GMT
logo_horizontal.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/ Frame 6BD7 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/logo_horizontal.svg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
570c365b33117fa839ab55f8e38653fd994ea0272c3c68de2ff594e91afed3d5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
216236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1858
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 20:50:11 GMT
server
sffe
date
Tue, 20 Sep 2022 14:38:06 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 20 Sep 2023 14:38:06 GMT
dia.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/ Frame 6BD7 		67 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/dia.svg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
606fb9faa791f219a45d8066e84b94c6c036b00cec4084346c976bb289bfd95d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
218444
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8704
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 20:50:11 GMT
server
sffe
date
Tue, 20 Sep 2022 14:01:18 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 20 Sep 2023 14:01:18 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0F90
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Fri, 23 Sep 2022 02:42:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
BLOOD_300x600.png
s0.2mdn.net/sadbundle/16765942516236316711/images/ Frame B4C8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16765942516236316711/images/BLOOD_300x600.png?1661263323994
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0099c5ae56d654046158f5ad31934f064044f114e8e9a9dfb825d444d8988cb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 18:02:48 GMT
x-content-type-options
nosniff
age
549554
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17206
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:09:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 18:02:48 GMT
IAS_PassbackAds_970x250.png
static.adsafeprotected.com/ Frame 709D 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_970x250.png
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
pdWOnfKbVAXycyDHbhFI_OqkWBFerFwW
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
etag
"9d3f43da9d0d0679ec0dfea58b2f1d45"
age
511074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28949
last-modified
Fri, 18 Feb 2022 23:29:18 GMT
server
AmazonS3
date
Wed, 21 Sep 2022 01:45:30 GMT
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
lS2581RC6O8YB0zD4kmvmPxqephDjIgz7jrySXO1uXSe2b20Qg_Y_w==
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C41D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDX280DV1KZCpiGY1SEnwEc&google_cver=1&google_push=AZmPxg8YmfLuHfp3ZXilglnstidKCGdpX5_ejTppGltzQYhORVrfZTpi7D18fR_EUjfgoGBSkX4TSO_kDlvTvG19CzZCldJS8iH8yA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjgxMTI2NjMwODI5ODIzODY2MA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDX280DV1KZCpiGY1SEnwEc&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDX280DV1KZCpiGY1SEnwEc&google_cver=1
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDX280DV1KZCpiGY1SEnwEc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C41D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGEeD-hlrBVGxGsWmkTqDtI&google_cver=1&google_push=AZmPxg89LuTKz1hsqUsrH1fF1gkRfxR5cGc79GVe7R36fixaJxXq6WHgPg7Ex9sr3bx2UmTZ_S6QAYJnaifSp48d...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg89LuTKz1hsqUsrH1fF1gkRfxR5cGc79GVe7R36fixaJxXq6WHgPg7Ex9sr3bx2UmTZ_S6QAYJnaifSp48dFPZzs491ag3jGg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg89LuTKz1hsqUsrH1fF1gkRfxR5cGc79GVe7R36fixaJxXq6WHgPg7Ex9sr3bx2UmTZ_S6QAYJnaifSp48dFPZzs491ag3jGg
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 23 Sep 2022 02:42:03 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg89LuTKz1hsqUsrH1fF1gkRfxR5cGc79GVe7R36fixaJxXq6WHgPg7Ex9sr3bx2UmTZ_S6QAYJnaifSp48dFPZzs491ag3jGg
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Sep 2022 02:42:02 GMT
pixel
cm.g.doubleclick.net/ Frame C41D
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEouPmyeZsYKXZQmV8osMok&google_cver=1&google_push=AZmPxg97Etii5Wz-KrhyegNZ1Mewj_nIiIKQRdLWGJ3zij9g4b-oH-ABnYG9kq-U5sHo5rbOMJYawT21syo_eUaX...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K8Ylz_11R4-1MBoHemYqYQ2&google_push=AZmPxg97Etii5Wz-KrhyegNZ1Mewj_nIiIKQRdLWGJ3zij9g4b-oH-ABnYG9kq-U5sHo5rbOMJYawT21syo_eUaXMl7yp3_NzmutwA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K8Ylz_11R4-1MBoHemYqYQ2&google_push=AZmPxg97Etii5Wz-KrhyegNZ1Mewj_nIiIKQRdLWGJ3zij9g4b-oH-ABnYG9kq-U5sHo5rbOMJYawT21syo_eUaXMl7yp3_NzmutwA
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 23 Sep 2022 02:42:03 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K8Ylz_11R4-1MBoHemYqYQ2&google_push=AZmPxg97Etii5Wz-KrhyegNZ1Mewj_nIiIKQRdLWGJ3zij9g4b-oH-ABnYG9kq-U5sHo5rbOMJYawT21syo_eUaXMl7yp3_NzmutwA
x-host
tde-deliveryengine-production-646f888bdc-hgnsp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame C41D 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJqbK44Q1cE8u9iyaZFexdE&google_cver=1&google_push=AZmPxg8FCz_-KPulNbUnpUjbwRmZUkIAcX6tYgqtoDEmv5yadqgfrVqq8QbkbBfgk0Ow1KI8RuiuvnWfyCHCaZxvLJenyGBfwD3g3Q
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
0qlqc8s1n7bcdbc5jfebk9r9mv7c5i3v
pixel
cm.g.doubleclick.net/ Frame C41D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEV1_qcDhdL2zm0u-W_yCAY&google_cver=1&google_push=AZmPxg9mTBUVOU2wWINham02F--6hYVPKpJgTVTCIhi_9AoPUFM1y058QfVKJED5tjyCDDBAKbSW1_W3z9F5HjO...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IbG6diXVRANPGmFOX39XldmKxGs&google_push=AZmPxg9mTBUVOU2wWINham02F--6hYVPKpJgTVTCIhi_9AoPUFM1y058QfVKJED5tjyCDDBAKbSW1_W3z9F5Hj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IbG6diXVRANPGmFOX39XldmKxGs&google_push=AZmPxg9mTBUVOU2wWINham02F--6hYVPKpJgTVTCIhi_9AoPUFM1y058QfVKJED5tjyCDDBAKbSW1_W3z9F5HjOtYaNfhuBibu8QdQ
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IbG6diXVRANPGmFOX39XldmKxGs&google_push=AZmPxg9mTBUVOU2wWINham02F--6hYVPKpJgTVTCIhi_9AoPUFM1y058QfVKJED5tjyCDDBAKbSW1_W3z9F5HjOtYaNfhuBibu8QdQ
Date
Fri, 23 Sep 2022 02:42:03 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
sync
ssbsync.smartadserver.com/api/ Frame C41D 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPFKeEEDuIyKXSJcY49p7qg&google_cver=1&google_push=AZmPxg8ebbwYwg-4DGK2-fLvC4cqVr_sY2oo_roK7dp3niXwxuwk1n97WJgflJaUc9f9ulbHr2eFJs48xPy5aftJa1nNK7VOWo2j
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame C41D
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESECviQ4-GYi98EqrF2RpnLBY&google_cver=1&google_push=AZmPxg_fUwLXs_JMGkqvjaoa57hvj5jysrl_BbVQvLr16kVgYNogwiETGhOsIxz3-y74fTim_Z9WPXKoq8eOgS2T3hVroovcWvJDIWg
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZjFhOWM5YzUtMjM2YS00ZDdiLWE1ZTMtMTY5NWNlNzE2Zjk3&google_push=AZmPxg_fUwLXs_JMGkqvjaoa57hvj5jysrl_BbVQvLr16kVgYNogwiETGhOsIxz3-y74fTi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZjFhOWM5YzUtMjM2YS00ZDdiLWE1ZTMtMTY5NWNlNzE2Zjk3&google_push=AZmPxg_fUwLXs_JMGkqvjaoa57hvj5jysrl_BbVQvLr16kVgYNogwiETGhOsIxz3-y74fTim_Z9WPXKoq8eOgS2T3hVroovcWvJDIWg
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZjFhOWM5YzUtMjM2YS00ZDdiLWE1ZTMtMTY5NWNlNzE2Zjk3&google_push=AZmPxg_fUwLXs_JMGkqvjaoa57hvj5jysrl_BbVQvLr16kVgYNogwiETGhOsIxz3-y74fTim_Z9WPXKoq8eOgS2T3hVroovcWvJDIWg
date
Fri, 23 Sep 2022 02:42:02 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame C41D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jg6D1D6nRoRDZUs6tn_48chIt-cwAq3kVdNubrBPvLst9AHkSknXjdPZZ9el-Un2wNHlwQZQ
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1829 		466 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhjY_uXTATAB&v=APEucNUe0sL7dyYpUKIwEistNbxSalFEUMsSu6O02cOIujnljh9aKzOju0Oex_CfLpTQI2Sjt74BGxHm4mdy2_Q4M9aE7BqW-1BOn5vKXcmczCpOGFyIr6SkuMvrhVJp-XMXG5QVZ1IbFjW9jFaT-X3FhLhV-dVAYtymllBSpxGYVWYhElJIB0gpYdxsIqtjmCRYk7V6KR2c9x6MdIO5jLpp1UUh1H5F_g
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
280
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 0C59 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJozWXWxvOnZ2xzNdyyN1gElrN_rQqVjynno5MRlgyvl6nywW8-RY-cvlhlN1TO5ussAgYG4AvY8caS0N4XVqN6D-DzoVMlZKxvQ5b2CBnCzcbuVQinnn3DscRXevde-n3rbSVJ2gdzpWx28-CnzU-WOB1gfCH10Gp3OAn7XGWbcRnbtE&dbm_d=AKAmf-CJUhpSabA6fJFKyd_tuea4qKZB1W74xsZ1YOWUSCr-dDJiolPx3Jp_zG7wdQtO03xVuu4c6nFyFi7zPd0gXX2maPlWmTe8klWV5XWFDuOT9Iwem9a4vYeBOi1PMxw54UPuzy0JHYFH4eyomV3TDTAYQZdbUk3YzpA18Onk9t6DLv646rwnd1sBF3ZUGSFJr_xbFlXbbukYkLRxEI9FlUM0nHVw8d92bhHLbHVtk-HT6fJs6jRoI_z--q8JkC28y_dGh28TeY1FFlQ62enk7ITW9qDXr5BR6klnfk8YRn0TAQhCVt9k7an5SF9LMAr3KT5lYcC59wBfsy5D1OpJY1FXiXOCl7XFofcKCvY0fLnm1epMgUIb_Umokxot80RaAMnPAoGrfqTGLf4cbT8v9KzW-rkpZDDdKKA4f8ZCtSL2UmOax47PP04uvHPmQVfdSqw4uKvgzHbGUHh6VR5exIqrDtKG8nucbw263OeTD8m9VACfvH3qMpzvvjW7B9OvmbTujhVbDNEbLdrhCL7zJzMBWXV2b-6c17wYWR4l-ZXtSwBHVZXrWqPYaeuVEGPPqJpJvRTgqQZRLE9-z2O4BW8wfIdYT4eCcyl5z3qcHEycj0yTd5mUoYb2S0X708VB8rGc7xqrB1LzsCUa4F3Zx-PbvH2dM9Q7_03BRiQ6kt6qvE0h3MljQEH221-tTksBx50lF9zaU9aP3QtYssY5iQRYopSPEqvl63H6Z7fAqUplek67DwbhN1cSyDJPuP5PKgATZvzZLh_iWTKNsKEP_ILTyZULSgzDBQctBlEFCVkuMxKBPHcB_NWiZrX5u31uzPo1rrxIDh3W-zEEJ4mCMHkQvlpMZFpwDV2K2iI6JuqKxaJ9orsE4tKPm7p2IIbr6nMdgTRC0m9SQqCmvMOAu7WjDsHt13rRSmz5mY5MOvLYA7tDUxn57uWATiCoQ1SjpQH2VMEv_v1LD7mLGQKjl46SfF7BUa81I_p_qEP_5MANDpU4azKdosol9AOjkyXh_Mcsc1j572ykoqTlrlLiYTNSeDHhT-nZYufaqkJvG2HmHZCQZd0iHEZ5GytvkhAx5D5WqIlaAsTkkeibO6RDj_XyaJGk9-5ur7fZWmvj81ftLhWwUqLaWe0ZBx3K9MiivqwrM_AJuXBlWSuyMxUWFUVQt-j4JF8egxUTidiKEwLTPh52Fje8ls237lTrCAU2P3GL93ByHZn6zjtnTg9VfOb0CFVaN5qOGcJFKrkELzFZOY7XOFpQ7FhfPfu4V4Gm_iU4fxWM2rx9YlRnPFZ0Xz6yrBGBqUIXOsRz2OfDoDUfG-nxGMefwvUBsFF0iAMRVUDcl5F-IdrlvU9y0WZCkzKJc54guqLnB7-wy4yDAtLO75g6GzgbFYxc3fLO8B-0SPf_MhvJNhdLhBWJi1FItP7mLiuA0Wcmma-6ppfpMMRNYOmAkdNY1bUWj0bmoS76Xnt7QdMWGnOefF2nTQOUVBb2puhnZTkTrilJ9kaYx1lk-1nJHxxMgUFs-VkuNo_1vh9fLUwdKW8RGdkcDixVufqS-v9FAY2-uaFbucIxr7gom1pPzbZC_La8G9_3-Ous7CAo4XQ-OO8CjM-6VCBYQAPMluKlo72r2zn3iWmO8xXBT_LiD3LHoqtkp_GQgXI3LIbTfrnS68Z7vpQw_J2fEzsrYV63NVPNnuwdejkLIn_RK8fY-hxNZl80UTsXPALgCbjILeWj11EPCE5d74lH0YpNFz-WeTaUFbZj76K4H5OEOjXid8o2u9E-E3wXl3PTl9GeC-sLZT6HxwfV55iK2eB_BsTlhvyflvuPtqjilfrN7xwHMmAzdWePFjYPbWHEnHKJzKWo9z5jPjEQjYJrxiFkRQwExndTx9RbMNlKJto8_Q9lChVP8jA6pn-9xqzUbKlmbfyTfC1yVGeZ6x7pOALDn15SHGlYl8r9KBcxFRj8VVgwwmPMZpsxOMd7YK-6ej20b0YquBzTtoLTQExP-zrUkyvVQw7-t5FJuC_4M2RPQflhTlppNTaiOee0nYJd36u5sJmTrpdwqmdLfkgD-QEdi2VhnuGJUtKLRHsVXq2r_URrncyH8QBWABYjSHjYWvSNLjFt6ycRwSAJjtRroy-ayWNGVmEBSewCbAQ_1OxfrheGMvmzjA8V1L36nbQfiRL76ZVHPNaz1X5pIBw5MilE1Qi-97AjEzYcOGn4xYKdY1cykxYrIgXJkk0GcYty2zEbsLjmOzoDt-xfcSXFch8F_4duYvpmLPhQUF3pSDSuk3jeke0NGJsX6ucp7zu9LAzsQ2GWOm6ZBg4KXPwd3DJPnpoB-xXoU8hQNJjGBOgBC_Qa7gOzqR_xrXr0D3OEa6CbDgOL6pbdZ1SJTuu8705FpEbRijFXE2bBLj1xdLxWFk2cR3Erj5u2YW2pTmljMiEyl5Q7rI7SxvgIP4R1HIAjpiF3G8y0w26wJCHVpkXpvOOl9L5zUx-bQIj00SxW92e8PeqUr1cSOD0S_8NRQhy8dRkSlzudwqy6UqmzOVMc_smIF8n95U3xEYcKyLwvES0B3INEljLxj9wAYKO_Ft-Un1OutgtBs3XTv2LPySbFKXt6FRjIYKumPptJHZI3fYm-np67qcTF5SQzIThqgURfUaBTANYK11eB0WCsXYClTPUyTd_QYdGFLCv2jxABYtwcfcKQgyp9sZVDIFkAeZOiSVwJHYwgA8h06u_N_rWXSv0w1ESG2JLgJsY3Md4CvgxvneU1oMprJGu8btxRr8ETGQ9zCHPyvt6FsCCBN1XoToaBcgMdqC5txPtJhuq135qFXwBc4AOCrvb5keysZ3fzUkeyQA4C8CnXhW4XjWIriX01oEms2Bzd7x3zb_rZWcEVXhvjKZ7cONA98yS31iJclweBlH6qavUiVHCLF53P_6JZwRpckrDjYLjpi_aYRssZdjBAI0S14ln9_mL9uJ7ZjHawx36HI94h7LvEg9iBF8on3DLl9qoGkNVZKz_Dm669iB03RVfy7QzDzLFrAO1iQenlY9J6uznLhuMhO9rvUijLH4l0gth90xct_E-qp4Z09HKHR-2l5wtBImj79WFLeILHoVm3buvyTWlTaC0tdjchjcKyWS-sKSbuYxkiB122_EQNHQcApc9JMtUQQLobMZkI10HtJzxrHCE350BqHf_D3HquUdQiqzOBxxCx10kL4PK_UIgk3pQKPI6kaLoRe9O4X9wFxtCrludYp6dOhTFpSiPcqqTveMWdmH9RZSfxi1JPWVd2l7TFQzbCRz3w0Oo6Tln6u91dcofgxECPRkYG0__c4F6CcMR_MxpU0uTwONIiZVlryuhLGKp73mlqn7sGcK4Tjm2jekUbwjiccQ29tkWHvz84xwJNk_d8FlKXSlc84ywbowBDs2VDLne2RNbx8CUVlB-2hfqyWzEb9TJ4gW5Z9QbqxelMv1rPF6NfE-_Ee7UXj1ofHSYK9rgrNzfdyH6eXYEVeAqdW_UINb9jGnMnUz_07GDk26s3jLKBZuQudi0um7sXANc9mubTNZeBqO_izp72nw3WAbUHqkbuyw5dLU8sC_1Qz_m_ARCmQ0ko3rknisiP6QRTjpf9gBOdU6ucpZLgy-f3IjQiRITxC5VvCeIDbju2oK-_hVtWny83ejhIV_Co-X0IKMiVbJY0Ic8lpobx6u7w-aXWvNjthcbdpOwRreCaVU5z9fU1Hqdni__RfvDfHf7R6iatH9mORXaFxG2xp0hziSW7mEg4iKMw3XwFfhId3hXx-i0Us_Pz&cid=CAASJORoZrwQ0S-5Bc7iVJ-XWP8r_EOoqCbEHZYdLrTqrBK1QEOfkw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d08d27871235ff16ae8c74815fbbaf44e5544e30406cf957e241371838c4fd9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35507
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C59 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSU5eL-Jp3p8dg17EuBTpKKqv0S4lE2sl_p3xvzmbOycn15Or0PSAFo3VzKQe9KL_jbLwHDF98OtBCtn0NwJN28UEz7O7k4OwZiF_Yhowk9nSpbGk
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 0C59 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:18:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 0C59 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 01:44:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0C59 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 02:42:02 GMT
truncated
/ Frame 6BD7 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
logo_horizontal.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/ Frame 6BD7 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/logo_horizontal.svg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
570c365b33117fa839ab55f8e38653fd994ea0272c3c68de2ff594e91afed3d5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
216236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1858
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 20:50:11 GMT
server
sffe
date
Tue, 20 Sep 2022 14:38:06 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 20 Sep 2023 14:38:06 GMT
platforms_hoizontalr.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/ Frame 6BD7 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/219301973080408064/platforms_hoizontalr.svg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a951ac92c418022235c97c9f3ebee0d29306143b80a93870608c15dff8c0421
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
286398
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3592
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 20:50:11 GMT
server
sffe
date
Mon, 19 Sep 2022 19:08:44 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Sep 2023 19:08:44 GMT
dustcloud2.jpg
s0.2mdn.net/sadbundle/16765942516236316711/images/ Frame B4C8 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16765942516236316711/images/dustcloud2.jpg?1661263323994
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823ae5c6dba4e1f8fa0d7c89fe3bf57f3073424c69e957883f6ddaf35f6a0782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 18:02:48 GMT
x-content-type-options
nosniff
age
549554
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25991
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:09:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 18:02:48 GMT
partner
sync.search.spotxchange.com/ Frame 1829
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEChICJAWnGsgNE5f3cMV7jg&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEChICJAWnGsgNE5f3cMV7jg&google_cver=1&__user_check__=1&sync_id=4e344821-3ae9-11ed-a0eb-1e1d47870306
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEChICJAWnGsgNE5f3cMV7jg&google_cver=1&__user_check__=1&sync_id=4e344821-3ae9-11ed-a0eb-1e1d47870306
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhjY_uXTATAB&v=APEucNUe0sL7dyYpUKIwEistNbxSalFEUMsSu6O02cOIujnljh9aKzOju0Oex_CfLpTQI2Sjt74BGxHm4mdy2_Q4M9aE7BqW-1BOn5vKXcmczCpOGFyIr6SkuMvrhVJp-XMXG5QVZ1IbFjW9jFaT-X3FhLhV-dVAYtymllBSpxGYVWYhElJIB0gpYdxsIqtjmCRYk7V6KR2c9x6MdIO5jLpp1UUh1H5F_g
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:42:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
15
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 23 Sep 2022 02:42:03 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEChICJAWnGsgNE5f3cMV7jg&google_cver=1&__user_check__=1&sync_id=4e344821-3ae9-11ed-a0eb-1e1d47870306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
104
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1829
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGUzMThmNTktM2FlOS0xMWVkLTk4ODUtMTk4NGU2NGIwMTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGUzMThmNTktM2FlOS0xMWVkLTk4ODUtMTk4NGU2NGIwMTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhjY_uXTATAB&v=APEucNUe0sL7dyYpUKIwEistNbxSalFEUMsSu6O02cOIujnljh9aKzOju0Oex_CfLpTQI2Sjt74BGxHm4mdy2_Q4M9aE7BqW-1BOn5vKXcmczCpOGFyIr6SkuMvrhVJp-XMXG5QVZ1IbFjW9jFaT-X3FhLhV-dVAYtymllBSpxGYVWYhElJIB0gpYdxsIqtjmCRYk7V6KR2c9x6MdIO5jLpp1UUh1H5F_g
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 23 Sep 2022 02:42:03 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NGUzMThmNTktM2FlOS0xMWVkLTk4ODUtMTk4NGU2NGIwMTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
43
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1829
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0yQzhvUU54RTJ1Rk42NzJaUndZX01fNXFnY0dDU1Fncn5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0yQzhvUU54RTJ1Rk42NzJaUndZX01fNXFnY0dDU1Fncn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhjY_uXTATAB&v=APEucNUe0sL7dyYpUKIwEistNbxSalFEUMsSu6O02cOIujnljh9aKzOju0Oex_CfLpTQI2Sjt74BGxHm4mdy2_Q4M9aE7BqW-1BOn5vKXcmczCpOGFyIr6SkuMvrhVJp-XMXG5QVZ1IbFjW9jFaT-X3FhLhV-dVAYtymllBSpxGYVWYhElJIB0gpYdxsIqtjmCRYk7V6KR2c9x6MdIO5jLpp1UUh1H5F_g
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0yQzhvUU54RTJ1Rk42NzJaUndZX01fNXFnY0dDU1Fncn5B
date
Fri, 23 Sep 2022 02:42:03 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
FROST_300x600_small.png
s0.2mdn.net/sadbundle/16765942516236316711/images/ Frame B4C8 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16765942516236316711/images/FROST_300x600_small.png?1661263323994
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bf795d3cc0553dc54bf138eb47bdabf2bc4ad8b0a5554438799ca805d023d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 18:02:48 GMT
x-content-type-options
nosniff
age
549555
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49979
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:09:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 18:02:48 GMT
dt
dt.adsafeprotected.com/ Frame 709D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153048&asId=3a94553b-3088-a17f-2c28-16af3ce6b3e1&tv=%7Bc:p0a4VU,time:719,type:e,im:%7Bpci:%7Btdr:144%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:331,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B401~0%5D,as:%5B401~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tidMHwr+11%7C12%7C131%7C14%7C15%7C16%7C1711%7C181%7C182%7C191%7C192%7C1a*.1153048-65870243%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:332,sis:578%7D&br=c
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC9B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZklh-RwtY9bfM6249u8Prru2uAEAAAAAOAHgBAI&bg=!3N-l35vNAAYIxsuQKMY7ACkAdvg8WmBhOXVwjL5xqNDdS-gYJf74-SV18jpF-_NJB-cki2_o_tH2fAIAAAESUgAAAANoAQeZAt2EiHPV7nAOe4sGdC8betfcBuW7hraSbVtPs6LeXZ7vYVXAWJoXtwe5BjUdCAD6gV1UDSbOzIpDhqAvDnxG_wqXyhf0ZRoH1xkv5w1dVJTYilVXQcdHFejyuvrZBfON9KnjMJbFfHWhYo4EpGNqFpwrJBcvqbAyKlw6kk0upphgj5ClG5Z9VUblSjgx_AP-rhK5Z7RR7gMmLXlM2maGa-cFw_2V1CNY_UPGfa9unnQlOhWSIm-whiJOG7jDUbq1x53_nm1hWxlRyTkMdyRIv0VjmV3j3kzO2zktDh9Aj-R6JoQmLxF3Q15eGtPbq-nZcrF96PB0FPdLH-rdoea-Ftno5TPL_PTYSYoyXwShRqqnMugPkzwRrbgaMnNfgk-WMJBRuiP_uK81HdDUaL12ne4J-XKkiMt_Kshj3sGtD1mtBoufMESwjH7HgpEI8bT6kIDCCVEBPcxDUm7bSTBGkQurU4MrGY4XB8wm4OtZQ8vwyyLl8aTWYDLnxQZJcb0rVilB4Qxfnn7whAWOeiq5l-kqdpNerDGFO85TGc3gKS05Btg0xN5dVnDVullXI5x9B-ldqNLZxxd2HFiOVF8ysLtyE7MHaiOetUIb_WNLfJMnKrvWwxHVvJK8BKquFqkjxUVyVj82uDG8RKOmAwMOuxqQZaPfbnSAqohiZsJQAhNFBweiwmDH_MNpw1T0rwCC_FVoW_k1j_s3vBwUkp_o7jOt1u_7g9s8VNltG4ERbVwx6YXHY0qlcbvM0pFfmXRzlcOtmDlU_Miw3lvKn7YE4wAU9RcOOP_NF3TXlDRhNJugKnaZZQYU94EPsAYpkkaHaGi6z9LVmeio3KCpx8EReWzfU2kCn06EZaD3i9kkjaNGvf8LKuyNhEMJfKo_nOOd5nArHKQMhy0wtjaswppHIYBH0OGHZkRqwuWetas_wltMlw4ZsSxXeKmpOA6SQSOaFeNePHaVS_IN0kyxfPcg
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0C59 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Origin
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 15:19:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 0C59 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJozWXWxvOnZ2xzNdyyN1gElrN_rQqVjynno5MRlgyvl6nywW8-RY-cvlhlN1TO5ussAgYG4AvY8caS0N4XVqN6D-DzoVMlZKxvQ5b2CBnCzcbuVQinnn3DscRXevde-n3rbSVJ2gdzpWx28-CnzU-WOB1gfCH10Gp3OAn7XGWbcRnbtE&dbm_d=AKAmf-CJUhpSabA6fJFKyd_tuea4qKZB1W74xsZ1YOWUSCr-dDJiolPx3Jp_zG7wdQtO03xVuu4c6nFyFi7zPd0gXX2maPlWmTe8klWV5XWFDuOT9Iwem9a4vYeBOi1PMxw54UPuzy0JHYFH4eyomV3TDTAYQZdbUk3YzpA18Onk9t6DLv646rwnd1sBF3ZUGSFJr_xbFlXbbukYkLRxEI9FlUM0nHVw8d92bhHLbHVtk-HT6fJs6jRoI_z--q8JkC28y_dGh28TeY1FFlQ62enk7ITW9qDXr5BR6klnfk8YRn0TAQhCVt9k7an5SF9LMAr3KT5lYcC59wBfsy5D1OpJY1FXiXOCl7XFofcKCvY0fLnm1epMgUIb_Umokxot80RaAMnPAoGrfqTGLf4cbT8v9KzW-rkpZDDdKKA4f8ZCtSL2UmOax47PP04uvHPmQVfdSqw4uKvgzHbGUHh6VR5exIqrDtKG8nucbw263OeTD8m9VACfvH3qMpzvvjW7B9OvmbTujhVbDNEbLdrhCL7zJzMBWXV2b-6c17wYWR4l-ZXtSwBHVZXrWqPYaeuVEGPPqJpJvRTgqQZRLE9-z2O4BW8wfIdYT4eCcyl5z3qcHEycj0yTd5mUoYb2S0X708VB8rGc7xqrB1LzsCUa4F3Zx-PbvH2dM9Q7_03BRiQ6kt6qvE0h3MljQEH221-tTksBx50lF9zaU9aP3QtYssY5iQRYopSPEqvl63H6Z7fAqUplek67DwbhN1cSyDJPuP5PKgATZvzZLh_iWTKNsKEP_ILTyZULSgzDBQctBlEFCVkuMxKBPHcB_NWiZrX5u31uzPo1rrxIDh3W-zEEJ4mCMHkQvlpMZFpwDV2K2iI6JuqKxaJ9orsE4tKPm7p2IIbr6nMdgTRC0m9SQqCmvMOAu7WjDsHt13rRSmz5mY5MOvLYA7tDUxn57uWATiCoQ1SjpQH2VMEv_v1LD7mLGQKjl46SfF7BUa81I_p_qEP_5MANDpU4azKdosol9AOjkyXh_Mcsc1j572ykoqTlrlLiYTNSeDHhT-nZYufaqkJvG2HmHZCQZd0iHEZ5GytvkhAx5D5WqIlaAsTkkeibO6RDj_XyaJGk9-5ur7fZWmvj81ftLhWwUqLaWe0ZBx3K9MiivqwrM_AJuXBlWSuyMxUWFUVQt-j4JF8egxUTidiKEwLTPh52Fje8ls237lTrCAU2P3GL93ByHZn6zjtnTg9VfOb0CFVaN5qOGcJFKrkELzFZOY7XOFpQ7FhfPfu4V4Gm_iU4fxWM2rx9YlRnPFZ0Xz6yrBGBqUIXOsRz2OfDoDUfG-nxGMefwvUBsFF0iAMRVUDcl5F-IdrlvU9y0WZCkzKJc54guqLnB7-wy4yDAtLO75g6GzgbFYxc3fLO8B-0SPf_MhvJNhdLhBWJi1FItP7mLiuA0Wcmma-6ppfpMMRNYOmAkdNY1bUWj0bmoS76Xnt7QdMWGnOefF2nTQOUVBb2puhnZTkTrilJ9kaYx1lk-1nJHxxMgUFs-VkuNo_1vh9fLUwdKW8RGdkcDixVufqS-v9FAY2-uaFbucIxr7gom1pPzbZC_La8G9_3-Ous7CAo4XQ-OO8CjM-6VCBYQAPMluKlo72r2zn3iWmO8xXBT_LiD3LHoqtkp_GQgXI3LIbTfrnS68Z7vpQw_J2fEzsrYV63NVPNnuwdejkLIn_RK8fY-hxNZl80UTsXPALgCbjILeWj11EPCE5d74lH0YpNFz-WeTaUFbZj76K4H5OEOjXid8o2u9E-E3wXl3PTl9GeC-sLZT6HxwfV55iK2eB_BsTlhvyflvuPtqjilfrN7xwHMmAzdWePFjYPbWHEnHKJzKWo9z5jPjEQjYJrxiFkRQwExndTx9RbMNlKJto8_Q9lChVP8jA6pn-9xqzUbKlmbfyTfC1yVGeZ6x7pOALDn15SHGlYl8r9KBcxFRj8VVgwwmPMZpsxOMd7YK-6ej20b0YquBzTtoLTQExP-zrUkyvVQw7-t5FJuC_4M2RPQflhTlppNTaiOee0nYJd36u5sJmTrpdwqmdLfkgD-QEdi2VhnuGJUtKLRHsVXq2r_URrncyH8QBWABYjSHjYWvSNLjFt6ycRwSAJjtRroy-ayWNGVmEBSewCbAQ_1OxfrheGMvmzjA8V1L36nbQfiRL76ZVHPNaz1X5pIBw5MilE1Qi-97AjEzYcOGn4xYKdY1cykxYrIgXJkk0GcYty2zEbsLjmOzoDt-xfcSXFch8F_4duYvpmLPhQUF3pSDSuk3jeke0NGJsX6ucp7zu9LAzsQ2GWOm6ZBg4KXPwd3DJPnpoB-xXoU8hQNJjGBOgBC_Qa7gOzqR_xrXr0D3OEa6CbDgOL6pbdZ1SJTuu8705FpEbRijFXE2bBLj1xdLxWFk2cR3Erj5u2YW2pTmljMiEyl5Q7rI7SxvgIP4R1HIAjpiF3G8y0w26wJCHVpkXpvOOl9L5zUx-bQIj00SxW92e8PeqUr1cSOD0S_8NRQhy8dRkSlzudwqy6UqmzOVMc_smIF8n95U3xEYcKyLwvES0B3INEljLxj9wAYKO_Ft-Un1OutgtBs3XTv2LPySbFKXt6FRjIYKumPptJHZI3fYm-np67qcTF5SQzIThqgURfUaBTANYK11eB0WCsXYClTPUyTd_QYdGFLCv2jxABYtwcfcKQgyp9sZVDIFkAeZOiSVwJHYwgA8h06u_N_rWXSv0w1ESG2JLgJsY3Md4CvgxvneU1oMprJGu8btxRr8ETGQ9zCHPyvt6FsCCBN1XoToaBcgMdqC5txPtJhuq135qFXwBc4AOCrvb5keysZ3fzUkeyQA4C8CnXhW4XjWIriX01oEms2Bzd7x3zb_rZWcEVXhvjKZ7cONA98yS31iJclweBlH6qavUiVHCLF53P_6JZwRpckrDjYLjpi_aYRssZdjBAI0S14ln9_mL9uJ7ZjHawx36HI94h7LvEg9iBF8on3DLl9qoGkNVZKz_Dm669iB03RVfy7QzDzLFrAO1iQenlY9J6uznLhuMhO9rvUijLH4l0gth90xct_E-qp4Z09HKHR-2l5wtBImj79WFLeILHoVm3buvyTWlTaC0tdjchjcKyWS-sKSbuYxkiB122_EQNHQcApc9JMtUQQLobMZkI10HtJzxrHCE350BqHf_D3HquUdQiqzOBxxCx10kL4PK_UIgk3pQKPI6kaLoRe9O4X9wFxtCrludYp6dOhTFpSiPcqqTveMWdmH9RZSfxi1JPWVd2l7TFQzbCRz3w0Oo6Tln6u91dcofgxECPRkYG0__c4F6CcMR_MxpU0uTwONIiZVlryuhLGKp73mlqn7sGcK4Tjm2jekUbwjiccQ29tkWHvz84xwJNk_d8FlKXSlc84ywbowBDs2VDLne2RNbx8CUVlB-2hfqyWzEb9TJ4gW5Z9QbqxelMv1rPF6NfE-_Ee7UXj1ofHSYK9rgrNzfdyH6eXYEVeAqdW_UINb9jGnMnUz_07GDk26s3jLKBZuQudi0um7sXANc9mubTNZeBqO_izp72nw3WAbUHqkbuyw5dLU8sC_1Qz_m_ARCmQ0ko3rknisiP6QRTjpf9gBOdU6ucpZLgy-f3IjQiRITxC5VvCeIDbju2oK-_hVtWny83ejhIV_Co-X0IKMiVbJY0Ic8lpobx6u7w-aXWvNjthcbdpOwRreCaVU5z9fU1Hqdni__RfvDfHf7R6iatH9mORXaFxG2xp0hziSW7mEg4iKMw3XwFfhId3hXx-i0Us_Pz&cid=CAASJORoZrwQ0S-5Bc7iVJ-XWP8r_EOoqCbEHZYdLrTqrBK1QEOfkw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:27:24 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 0C59 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJozWXWxvOnZ2xzNdyyN1gElrN_rQqVjynno5MRlgyvl6nywW8-RY-cvlhlN1TO5ussAgYG4AvY8caS0N4XVqN6D-DzoVMlZKxvQ5b2CBnCzcbuVQinnn3DscRXevde-n3rbSVJ2gdzpWx28-CnzU-WOB1gfCH10Gp3OAn7XGWbcRnbtE&dbm_d=AKAmf-CJUhpSabA6fJFKyd_tuea4qKZB1W74xsZ1YOWUSCr-dDJiolPx3Jp_zG7wdQtO03xVuu4c6nFyFi7zPd0gXX2maPlWmTe8klWV5XWFDuOT9Iwem9a4vYeBOi1PMxw54UPuzy0JHYFH4eyomV3TDTAYQZdbUk3YzpA18Onk9t6DLv646rwnd1sBF3ZUGSFJr_xbFlXbbukYkLRxEI9FlUM0nHVw8d92bhHLbHVtk-HT6fJs6jRoI_z--q8JkC28y_dGh28TeY1FFlQ62enk7ITW9qDXr5BR6klnfk8YRn0TAQhCVt9k7an5SF9LMAr3KT5lYcC59wBfsy5D1OpJY1FXiXOCl7XFofcKCvY0fLnm1epMgUIb_Umokxot80RaAMnPAoGrfqTGLf4cbT8v9KzW-rkpZDDdKKA4f8ZCtSL2UmOax47PP04uvHPmQVfdSqw4uKvgzHbGUHh6VR5exIqrDtKG8nucbw263OeTD8m9VACfvH3qMpzvvjW7B9OvmbTujhVbDNEbLdrhCL7zJzMBWXV2b-6c17wYWR4l-ZXtSwBHVZXrWqPYaeuVEGPPqJpJvRTgqQZRLE9-z2O4BW8wfIdYT4eCcyl5z3qcHEycj0yTd5mUoYb2S0X708VB8rGc7xqrB1LzsCUa4F3Zx-PbvH2dM9Q7_03BRiQ6kt6qvE0h3MljQEH221-tTksBx50lF9zaU9aP3QtYssY5iQRYopSPEqvl63H6Z7fAqUplek67DwbhN1cSyDJPuP5PKgATZvzZLh_iWTKNsKEP_ILTyZULSgzDBQctBlEFCVkuMxKBPHcB_NWiZrX5u31uzPo1rrxIDh3W-zEEJ4mCMHkQvlpMZFpwDV2K2iI6JuqKxaJ9orsE4tKPm7p2IIbr6nMdgTRC0m9SQqCmvMOAu7WjDsHt13rRSmz5mY5MOvLYA7tDUxn57uWATiCoQ1SjpQH2VMEv_v1LD7mLGQKjl46SfF7BUa81I_p_qEP_5MANDpU4azKdosol9AOjkyXh_Mcsc1j572ykoqTlrlLiYTNSeDHhT-nZYufaqkJvG2HmHZCQZd0iHEZ5GytvkhAx5D5WqIlaAsTkkeibO6RDj_XyaJGk9-5ur7fZWmvj81ftLhWwUqLaWe0ZBx3K9MiivqwrM_AJuXBlWSuyMxUWFUVQt-j4JF8egxUTidiKEwLTPh52Fje8ls237lTrCAU2P3GL93ByHZn6zjtnTg9VfOb0CFVaN5qOGcJFKrkELzFZOY7XOFpQ7FhfPfu4V4Gm_iU4fxWM2rx9YlRnPFZ0Xz6yrBGBqUIXOsRz2OfDoDUfG-nxGMefwvUBsFF0iAMRVUDcl5F-IdrlvU9y0WZCkzKJc54guqLnB7-wy4yDAtLO75g6GzgbFYxc3fLO8B-0SPf_MhvJNhdLhBWJi1FItP7mLiuA0Wcmma-6ppfpMMRNYOmAkdNY1bUWj0bmoS76Xnt7QdMWGnOefF2nTQOUVBb2puhnZTkTrilJ9kaYx1lk-1nJHxxMgUFs-VkuNo_1vh9fLUwdKW8RGdkcDixVufqS-v9FAY2-uaFbucIxr7gom1pPzbZC_La8G9_3-Ous7CAo4XQ-OO8CjM-6VCBYQAPMluKlo72r2zn3iWmO8xXBT_LiD3LHoqtkp_GQgXI3LIbTfrnS68Z7vpQw_J2fEzsrYV63NVPNnuwdejkLIn_RK8fY-hxNZl80UTsXPALgCbjILeWj11EPCE5d74lH0YpNFz-WeTaUFbZj76K4H5OEOjXid8o2u9E-E3wXl3PTl9GeC-sLZT6HxwfV55iK2eB_BsTlhvyflvuPtqjilfrN7xwHMmAzdWePFjYPbWHEnHKJzKWo9z5jPjEQjYJrxiFkRQwExndTx9RbMNlKJto8_Q9lChVP8jA6pn-9xqzUbKlmbfyTfC1yVGeZ6x7pOALDn15SHGlYl8r9KBcxFRj8VVgwwmPMZpsxOMd7YK-6ej20b0YquBzTtoLTQExP-zrUkyvVQw7-t5FJuC_4M2RPQflhTlppNTaiOee0nYJd36u5sJmTrpdwqmdLfkgD-QEdi2VhnuGJUtKLRHsVXq2r_URrncyH8QBWABYjSHjYWvSNLjFt6ycRwSAJjtRroy-ayWNGVmEBSewCbAQ_1OxfrheGMvmzjA8V1L36nbQfiRL76ZVHPNaz1X5pIBw5MilE1Qi-97AjEzYcOGn4xYKdY1cykxYrIgXJkk0GcYty2zEbsLjmOzoDt-xfcSXFch8F_4duYvpmLPhQUF3pSDSuk3jeke0NGJsX6ucp7zu9LAzsQ2GWOm6ZBg4KXPwd3DJPnpoB-xXoU8hQNJjGBOgBC_Qa7gOzqR_xrXr0D3OEa6CbDgOL6pbdZ1SJTuu8705FpEbRijFXE2bBLj1xdLxWFk2cR3Erj5u2YW2pTmljMiEyl5Q7rI7SxvgIP4R1HIAjpiF3G8y0w26wJCHVpkXpvOOl9L5zUx-bQIj00SxW92e8PeqUr1cSOD0S_8NRQhy8dRkSlzudwqy6UqmzOVMc_smIF8n95U3xEYcKyLwvES0B3INEljLxj9wAYKO_Ft-Un1OutgtBs3XTv2LPySbFKXt6FRjIYKumPptJHZI3fYm-np67qcTF5SQzIThqgURfUaBTANYK11eB0WCsXYClTPUyTd_QYdGFLCv2jxABYtwcfcKQgyp9sZVDIFkAeZOiSVwJHYwgA8h06u_N_rWXSv0w1ESG2JLgJsY3Md4CvgxvneU1oMprJGu8btxRr8ETGQ9zCHPyvt6FsCCBN1XoToaBcgMdqC5txPtJhuq135qFXwBc4AOCrvb5keysZ3fzUkeyQA4C8CnXhW4XjWIriX01oEms2Bzd7x3zb_rZWcEVXhvjKZ7cONA98yS31iJclweBlH6qavUiVHCLF53P_6JZwRpckrDjYLjpi_aYRssZdjBAI0S14ln9_mL9uJ7ZjHawx36HI94h7LvEg9iBF8on3DLl9qoGkNVZKz_Dm669iB03RVfy7QzDzLFrAO1iQenlY9J6uznLhuMhO9rvUijLH4l0gth90xct_E-qp4Z09HKHR-2l5wtBImj79WFLeILHoVm3buvyTWlTaC0tdjchjcKyWS-sKSbuYxkiB122_EQNHQcApc9JMtUQQLobMZkI10HtJzxrHCE350BqHf_D3HquUdQiqzOBxxCx10kL4PK_UIgk3pQKPI6kaLoRe9O4X9wFxtCrludYp6dOhTFpSiPcqqTveMWdmH9RZSfxi1JPWVd2l7TFQzbCRz3w0Oo6Tln6u91dcofgxECPRkYG0__c4F6CcMR_MxpU0uTwONIiZVlryuhLGKp73mlqn7sGcK4Tjm2jekUbwjiccQ29tkWHvz84xwJNk_d8FlKXSlc84ywbowBDs2VDLne2RNbx8CUVlB-2hfqyWzEb9TJ4gW5Z9QbqxelMv1rPF6NfE-_Ee7UXj1ofHSYK9rgrNzfdyH6eXYEVeAqdW_UINb9jGnMnUz_07GDk26s3jLKBZuQudi0um7sXANc9mubTNZeBqO_izp72nw3WAbUHqkbuyw5dLU8sC_1Qz_m_ARCmQ0ko3rknisiP6QRTjpf9gBOdU6ucpZLgy-f3IjQiRITxC5VvCeIDbju2oK-_hVtWny83ejhIV_Co-X0IKMiVbJY0Ic8lpobx6u7w-aXWvNjthcbdpOwRreCaVU5z9fU1Hqdni__RfvDfHf7R6iatH9mORXaFxG2xp0hziSW7mEg4iKMw3XwFfhId3hXx-i0Us_Pz&cid=CAASJORoZrwQ0S-5Bc7iVJ-XWP8r_EOoqCbEHZYdLrTqrBK1QEOfkw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2061
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 02:07:42 GMT
Logo_970x250.png
s0.2mdn.net/sadbundle/16765942516236316711/images/ Frame B4C8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16765942516236316711/images/Logo_970x250.png?1661263323994
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c79ba365dba798d3b9759bc060ee3473bc8c58967e4983a16db363760a9f32b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 18:02:48 GMT
x-content-type-options
nosniff
age
549555
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8363
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:09:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 18:02:48 GMT
tag.js
adserve.somplo.com/tag/js/646256119/ Frame CBB5 		71 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserve.somplo.com/tag/js/646256119/tag.js?cd=187596876
Requested by
Host: cdn.somplo.com
URL: https://cdn.somplo.com/prod/test/251119/new-tag.min.js?cb=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
783199d2aecd5c43a7e3d21a7bea7ca58c6577ac3bc029353fca015d351f7737

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
gzip
server
nginx
x-cached-since
2022-09-23T02:02:50+00:00
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Fri, 23 Sep 2022 02:52:03 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 709D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvutdmhoDHW_eJwRCEbsXoruUMSA8yUFlLUHAeiVNWNNxtUe7QDmyb1z-8rRIVM0p8ohouEB3VIbTNkSrtxnvFm7cJ13cLWkg8WTePFKEiu1ARjh9iy_LMuzTQBUUh1qHv9yKk6w&sai=AMfl-YTXWG9ESdU4tfh55-EV3At-KhMftThXIeHNQn-T5bE5hWORIjoOMebAF58CjufqHFvYQZVktSj7MK_iDhXY2A7xjk7ptWnWrTO6EtjrxgsBiC8Rv4Oytcu4SUk&sig=Cg0ArKJSzKOU84u-53_vEAE&cid=CAASJORoQ-itmZ4Xr_Q0xZmJnUPh5p7DqJ0elhZz-1FHxAkE3d46Hg&id=lidar2&mcvt=1000&p=23,315,273,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1048470924&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663900921673&rpt=428&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0C59 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 08:54:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 12A8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
62318
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0C59 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
639bfb4c91c8b82c785101b4af5bae2fd77b6357f97ea6715c61d774a0627e0d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 709D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153048&asId=3a94553b-3088-a17f-2c28-16af3ce6b3e1&tv=%7Bc:p0a4Y8,pingTime:-10,time:857,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663900923184%7C%7C5ce27d1ae8baa630775ecdd921a52e68%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Ceb8221d33db8aa884158e20f453a178c%7C%7Ca5f0a3e292f2cb6e62667706ef35879b%7C%7Cec10369ed8a85fd6aad61b80efaa148f%7C%7C244722a525723e16ed9c5f1687f2637d%7C%7Cd80f594b67e49b7daf55d0dfd3a0dc21%7C%7C1663701684%7D
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pegi12.png
s0.2mdn.net/sadbundle/16765942516236316711/images/ Frame B4C8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16765942516236316711/images/pegi12.png?1661263323994
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74ae61c735de8a091b6e4a4ee5ea1e4e7b522538fc4c6843e328eb6368231dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 18:29:32 GMT
x-content-type-options
nosniff
age
547951
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2990
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:09:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 18:29:32 GMT
index.html
s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/ Frame B0AE 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
732d599a529228ca1fd6256856f6cb18d9534805d6b8b08244fb021d5186be35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3655
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:03 GMT
expires
Sat, 23 Sep 2023 02:42:03 GMT
last-modified
Fri, 16 Sep 2022 13:59:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0C59 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuUv4AtDkvKpIm1Eu0cadYJYWaVYHgUremiCzxC43vRdo2SOZp7WJs6_7ttUVV8LBUoKMG0jINEm3TKoIKxVwQTwZOQGlh8Qkof1K6TXYWhebljAqU3_Htf0E38hNq1C9FNeI38ABFTevFx59Ba5ZgxmS8Fg9NvB1jdSGahEu4QQX-RuCem6P3KoObGjfW53utfMU64dc9R5uR5TJ4IwIu32rKcFvJUWlJVarBOONtjGGNhE2dii41bUAZemQBQoiMnCuUfpw2bMGuExRFPI7QepYmO33lOPZgqcDyqtxFWOPeXbixfzFcfh7Pw3EtyWs25eVCgKCV6irY9RDaxs9PS1CBYuBa0EhMnzzql39e8KlIRdpPV81T8ivYtlMdIfj0gR83A9yGMcupgz2RD3nBlz0L7zPxh04CUQ_HGYkrUo0oDFyQISf1-2oz-TcO14vbCBNWRfOS4b5gdOEZ43eUHWQYhb8kDPe56D6y-bgGRTdwpVhOusRWhpAmVBmoBW4qgBnucs6MXlAZaPEXzPmIA0psndtWQQ0Bi59agjs-xKscHobj65skbD7Q-UY8pi0VDF5MO3bXR8ZyCoGn0bWljVziBDZB9pUX-uQSQz8BB3ci1IyWSth6iyW6_A_e7Vlt3yUY9_2efa1heekENQpfykbt2glFsNToaK3V_na0wBheLe8zSXVXKiGlHIMjcJH4-lHj3uTrnoELT6pCxs-2ZqMXOF5lw9Yd4jmQ6lbIPFTcA1o-isnyKrkNjEKrz2xpmw-nCTQdPbCgnPR0DEF50B6VEqvGIVxZbLqwEMJrtLt0nKzq_u3bBnx1dMWQrACzBsfW30UizFhvwCki54DZejwliuS3WOxUuCqvtZNDaQTq1Jv-ID1KQW0lhWZmRZ9A7xoSeQLfYMMx18qdiopxq6hVgmobZi6sMG64IEF9XBG_OvIH_meM6_Eev8ygsWAat7uYYaCaDIUUQmK8R9xUhYDHTuJZsbdMu25JRuSu-Kvam5UhYwfsH3OSa7oPbUKchyEPVWwvSQq0fbDqoup94iL28bTpafeUufrDh5hn9Wb55u1Xz5FObR6GfIaN04ok_63LAuGzXMBU7vxBn8ou6vqATpFGXGRXRJRajp6Sm9DMClksUdA8icS5Blc9yManhXiPgpG4jIatkm6QxwLBfFTLSFBA3Z8T4EEehxwhDtX7EnB7ECetVrEGbMOfCqo6s4pVp_ja__z0oe-AKPSHwdgJp2hD2QlIAdkS_mIWAYV9W4sOUwF_FoNqfVrdpFSB0uKiNamSIOJ_VqaGWdrUfXQHJe2MTh4OwM5cAF7Wu9LpBVGCA&sai=AMfl-YS9CiLSbdYuCje1CAKvHB6FZD7R7f2g13KiQM-GiV9sZXz1wlwBYQxm435zgWFyO_yYh2Ol53uY7CQ9ca10iP9zkhB4eWFAm9wbArVm1npyEJnSCOMFPLl75gx75HVWYmSpiLF2ZTb52HJNuQbgSO1fF8uRR6OSmY0YluIXvhSGAO38H-aADb9uljvzqtcGcob4siF-IMPSbUnPrnBa7c8sl0KyHq2_FSquQ1cTEcd5NpTL&sig=Cg0ArKJSzNj9F3duoOKfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=136&cbvp=1&cstd=130&cisv=r20220921.48129&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 23 Sep 2022 02:42:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2925 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
64035
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 08:54:48 GMT
expires
Fri, 22 Sep 2023 08:54:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 12A8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOL-7QuW-ysld7OfehsMcEc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOL-7QuW-ysld7OfehsMcEc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OG5FbnhmSE4xT0J5REY1&google_gid=CAESEOL-7QuW-ysld7OfehsMcEc&google_cver=1&google_push=AZmPxg97p-dtqnGyKdnkyVlcEsqiIk0d_LY1xBJJX7sgbHT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OG5FbnhmSE4xT0J5REY1&google_gid=CAESEOL-7QuW-ysld7OfehsMcEc&google_cver=1&google_push=AZmPxg97p-dtqnGyKdnkyVlcEsqiIk0d_LY1xBJJX7sgbHT1GTAlV6yP7PR3StcoqVa_AOK-pCVtBbacty7VXO7_tbVdurQxeeg
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:02 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OG5FbnhmSE4xT0J5REY1&google_gid=CAESEOL-7QuW-ysld7OfehsMcEc&google_cver=1&google_push=AZmPxg97p-dtqnGyKdnkyVlcEsqiIk0d_LY1xBJJX7sgbHT1GTAlV6yP7PR3StcoqVa_AOK-pCVtBbacty7VXO7_tbVdurQxeeg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 12A8
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEouPmyeZsYKXZQmV8osMok&google_cver=1&google_push=AZmPxg8deYS0Nwxa-a5toKhSaGSNGVMI6cxT_UB4U16kyNBJv3UOep5Ogup9xoKrf_iYzjL_jyPLO_1E55I3CqR4...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K8Ylz_11R4-1MBoHemYqYQ2&google_push=AZmPxg8deYS0Nwxa-a5toKhSaGSNGVMI6cxT_UB4U16kyNBJv3UOep5Ogup9xoKrf_iYzjL_jyPLO_1E55I3CqR4KPtG-0wVnTdI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K8Ylz_11R4-1MBoHemYqYQ2&google_push=AZmPxg8deYS0Nwxa-a5toKhSaGSNGVMI6cxT_UB4U16kyNBJv3UOep5Ogup9xoKrf_iYzjL_jyPLO_1E55I3CqR4KPtG-0wVnTdI
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 23 Sep 2022 02:42:03 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K8Ylz_11R4-1MBoHemYqYQ2&google_push=AZmPxg8deYS0Nwxa-a5toKhSaGSNGVMI6cxT_UB4U16kyNBJv3UOep5Ogup9xoKrf_iYzjL_jyPLO_1E55I3CqR4KPtG-0wVnTdI
x-host
tde-deliveryengine-production-646f888bdc-trwzx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 12A8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDmJTsKh5D47WZ1UcnTb1Z8&google_cver=1&google_push=AZmPxg-7toHqWeAdYYn2Wst1TACbhgBX0su4kZyfplxr1WnMozDxVTgPq6oSgiKudlrF3D8CBahwUJSP1VL9nLPIdKQz...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-7toHqWeAdYYn2Wst1TACbhgBX0su4kZyfplxr1WnMozDxVTgPq6oSgiKudlrF3D8CBahwUJSP1VL9nLPIdKQzQsdgkfjc&google_hm=s1URjM4lRSSGoTd1zz7Q5A==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-7toHqWeAdYYn2Wst1TACbhgBX0su4kZyfplxr1WnMozDxVTgPq6oSgiKudlrF3D8CBahwUJSP1VL9nLPIdKQzQsdgkfjc&google_hm=s1URjM4lRSSGoTd1zz7Q5A==
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-7toHqWeAdYYn2Wst1TACbhgBX0su4kZyfplxr1WnMozDxVTgPq6oSgiKudlrF3D8CBahwUJSP1VL9nLPIdKQzQsdgkfjc&google_hm=s1URjM4lRSSGoTd1zz7Q5A==
Date
Fri, 23 Sep 2022 02:42:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
dds
rtb.openx.net/sync/ Frame 12A8 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJqbK44Q1cE8u9iyaZFexdE&google_cver=1&google_push=AZmPxg86s7s_hNQr6e5funnnsIBL2HvsoyHgHjsnzJxPLxKe7WFJtNz0lTWbj41AshZWlXh8hBOyRirX6bwS_QHS97IDm37TOsGc
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:02 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
71p6bkrpojkj7jkfasou16c7gbnnr2nu
sync
ssbsync.smartadserver.com/api/ Frame 12A8 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPFKeEEDuIyKXSJcY49p7qg&google_cver=1&google_push=AZmPxg8yG1e7gkX-KV2_0oX3HwXtKjjK_qrsZu-Utw5GPMa0RdNCcMOEVSgsLc50nYrII6FWJNB2v_yEuU7fBhxwWGRYFYRj8yHC
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:02 GMT
content-length
0
/
cc.adingo.jp/adx/push/ Frame 12A8 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESELTa5OaQ8oSSy9B9k4Dr_yw&google_cver=1&google_push=AZmPxg9cahoxz20CEFnEM8r_Y4KojID8WYG9lRNepzYOj54GWa5Ez2f58EJKE3dBTUH7h-KPJIwDMYVXWMu6aAT6cIZXOIxNeOOi
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.52.63 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-52-63.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
server
awselb/2.0
pixel
cm.g.doubleclick.net/ Frame 12A8
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDpAV_nTNRG_j1mzTG5ECTc&google_cver=1&google_push=AZmPxg9LIH9LbmI0DdWRlBUtcUQmA5VvZQXPhECACipKVn_4Yb0U5osEq51v7VfT3Rr1Q7kVRy4D1pXIhkUWLLHlwxrVSer...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg9LIH9LbmI0DdWRlBUtcUQmA5VvZQXPhECACipKVn_4Yb0U5osEq51v7VfT3Rr1Q7kVRy4D1pXIhkUWLLHlwxrVSerGog8psg&google_hm=NTgzNzQxN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg9LIH9LbmI0DdWRlBUtcUQmA5VvZQXPhECACipKVn_4Yb0U5osEq51v7VfT3Rr1Q7kVRy4D1pXIhkUWLLHlwxrVSerGog8psg&google_hm=NTgzNzQxNDE4NDYzMzIzMTU0
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg9LIH9LbmI0DdWRlBUtcUQmA5VvZQXPhECACipKVn_4Yb0U5osEq51v7VfT3Rr1Q7kVRy4D1pXIhkUWLLHlwxrVSerGog8psg&google_hm=NTgzNzQxNDE4NDYzMzIzMTU0
Date
Fri, 23 Sep 2022 02:42:03 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 12A8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8o-8nM46y30H5to4C3oMOHGkiSx9LYmbrry9ApsX5fwQ8Dzcl2vpqaWuVQNeuIsFgKkK5oA
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
csi
csi.gstatic.com/ Frame 8010 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l8dvnbxp&c=7601966334924&slotId=3800983167462&qqid=CIOG1frxqfoCFZJP4AodjoIOjQ&umsem=0&ape=1&ple=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/6177df1c8e2588b16bf406f80fb0d785.js?tag=video_location/awx_web_square
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:808::2003 Highland Park, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RISE_970x250.png
s0.2mdn.net/sadbundle/16765942516236316711/images/ Frame B4C8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16765942516236316711/images/RISE_970x250.png?1661263323994
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3272737fdc1f6034d21fd36ed5d459e084c257ca3cb352136e59c63708145fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 18:29:33 GMT
x-content-type-options
nosniff
age
547950
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4331
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:09:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 18:29:33 GMT
adlib.css
s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/ Frame B0AE 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
437b62002b3aa74ee137d19b391dca8654b56dae86142648176149bc0d7b823c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1976
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:59:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 18:03:22 GMT
adStyle.css
s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/ Frame B0AE 		6 KB
911 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5870e9220bcbfc62e8693a8bf53ee65e038100411cee126994bf5dfe63618309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:59:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 18:03:22 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame B0AE 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 15:19:19 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B0AE 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 02:42:03 GMT
Line1.png
s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/ Frame B0AE 		103 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/Line1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f415cb6a326034f8bb0bf49096a985573631a3d79f31dd9981bb412a86bfae05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:59:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 18:03:22 GMT
Line2.png
s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/ Frame B0AE 		103 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/Line2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f415cb6a326034f8bb0bf49096a985573631a3d79f31dd9981bb412a86bfae05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:59:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 18:03:22 GMT
legalRoo.png
s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/ Frame B0AE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/legalRoo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db53a217e67039c0b9ebc071dd0b28043e297082e83e144669e80c28e5df8596
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5317
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:59:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 18:03:22 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/ Frame B0AE 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10657
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:59:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 18:03:22 GMT
animation.js
s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/ Frame B0AE 		27 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
216ee741ba5f0a16e156d2e8ed044215f2d4836fbbe3d2eef071a98a7d2405ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2235
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:59:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 18:03:22 GMT
stream.jpg
s0.2mdn.net/sadbundle/16765942516236316711/images/ Frame B4C8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16765942516236316711/images/stream.jpg?1661263323994
Requested by
Host: f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8938e356488483d6e19e832c87fe7d8594d34e01abc1ca205bd841a93b5a420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 18:29:33 GMT
x-content-type-options
nosniff
age
547950
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2641
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:09:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 18:29:33 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 2925 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 23:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 23:30:01 GMT
UNHOLY_300x600.png
s0.2mdn.net/sadbundle/16765942516236316711/images/ Frame B4C8 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16765942516236316711/images/UNHOLY_300x600.png?1661263323994
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d861f34e956dc448f749333bc4fb2e64f0f1d75d7fd87e8c02d58330997361b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16765942516236316711/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 18:29:34 GMT
x-content-type-options
nosniff
age
547949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18695
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:09:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 18:29:34 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=event&_s=8&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=1226538908
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25417
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:03 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
view
googleads4.g.doubleclick.net/pcs/ Frame 0C59 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuUv4AtDkvKpIm1Eu0cadYJYWaVYHgUremiCzxC43vRdo2SOZp7WJs6_7ttUVV8LBUoKMG0jINEm3TKoIKxVwQTwZOQGlh8Qkof1K6TXYWhebljAqU3_Htf0E38hNq1C9FNeI38ABFTevFx59Ba5ZgxmS8Fg9NvB1jdSGahEu4QQX-RuCem6P3KoObGjfW53utfMU64dc9R5uR5TJ4IwIu32rKcFvJUWlJVarBOONtjGGNhE2dii41bUAZemQBQoiMnCuUfpw2bMGuExRFPI7QepYmO33lOPZgqcDyqtxFWOPeXbixfzFcfh7Pw3EtyWs25eVCgKCV6irY9RDaxs9PS1CBYuBa0EhMnzzql39e8KlIRdpPV81T8ivYtlMdIfj0gR83A9yGMcupgz2RD3nBlz0L7zPxh04CUQ_HGYkrUo0oDFyQISf1-2oz-TcO14vbCBNWRfOS4b5gdOEZ43eUHWQYhb8kDPe56D6y-bgGRTdwpVhOusRWhpAmVBmoBW4qgBnucs6MXlAZaPEXzPmIA0psndtWQQ0Bi59agjs-xKscHobj65skbD7Q-UY8pi0VDF5MO3bXR8ZyCoGn0bWljVziBDZB9pUX-uQSQz8BB3ci1IyWSth6iyW6_A_e7Vlt3yUY9_2efa1heekENQpfykbt2glFsNToaK3V_na0wBheLe8zSXVXKiGlHIMjcJH4-lHj3uTrnoELT6pCxs-2ZqMXOF5lw9Yd4jmQ6lbIPFTcA1o-isnyKrkNjEKrz2xpmw-nCTQdPbCgnPR0DEF50B6VEqvGIVxZbLqwEMJrtLt0nKzq_u3bBnx1dMWQrACzBsfW30UizFhvwCki54DZejwliuS3WOxUuCqvtZNDaQTq1Jv-ID1KQW0lhWZmRZ9A7xoSeQLfYMMx18qdiopxq6hVgmobZi6sMG64IEF9XBG_OvIH_meM6_Eev8ygsWAat7uYYaCaDIUUQmK8R9xUhYDHTuJZsbdMu25JRuSu-Kvam5UhYwfsH3OSa7oPbUKchyEPVWwvSQq0fbDqoup94iL28bTpafeUufrDh5hn9Wb55u1Xz5FObR6GfIaN04ok_63LAuGzXMBU7vxBn8ou6vqATpFGXGRXRJRajp6Sm9DMClksUdA8icS5Blc9yManhXiPgpG4jIatkm6QxwLBfFTLSFBA3Z8T4EEehxwhDtX7EnB7ECetVrEGbMOfCqo6s4pVp_ja__z0oe-AKPSHwdgJp2hD2QlIAdkS_mIWAYV9W4sOUwF_FoNqfVrdpFSB0uKiNamSIOJ_VqaGWdrUfXQHJe2MTh4OwM5cAF7Wu9LpBVGCA&sai=AMfl-YS9CiLSbdYuCje1CAKvHB6FZD7R7f2g13KiQM-GiV9sZXz1wlwBYQxm435zgWFyO_yYh2Ol53uY7CQ9ca10iP9zkhB4eWFAm9wbArVm1npyEJnSCOMFPLl75gx75HVWYmSpiLF2ZTb52HJNuQbgSO1fF8uRR6OSmY0YluIXvhSGAO38H-aADb9uljvzqtcGcob4siF-IMPSbUnPrnBa7c8sl0KyHq2_FSquQ1cTEcd5NpTL&sig=Cg0ArKJSzNj9F3duoOKfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=533&vt=11&dtpt=397&dett=3&cstd=130&cisv=r20220921.48129&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame B0AE 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b994cdb4ddd870f8aff54ab0e8bcc64969c84ac69a3585307269237def4bcd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5878
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 87E8 		156 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22587791099%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_subject_v_pre_1v&description_url=https%3A%2F%2Fsubject.com.ua%2F&tfcd=0&npa=0&correlator=1521935841928869&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fsubject.com.ua%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26medianet_ebda%3Dtrue%26openx_ebda%3Dtrue%26rubicon_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2401209937&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&media_url=blob%3Ahttps%253a%2F%2Fsubject.com.ua%2Fe19e5098-2b0a-45c7-a7dc-f161fa9195d0&sid=7FCEC3D9-0A15-4782-999F-E2AF12ABFA94&nel=0&eid=44748969%2C44752052%2C44754420%2C44760950%2C44765701&dlt=1663900919813&idt=2813&dt=1663900923612&cookie=ID%3D19e2d9fdbae31907%3AT%3D1663900920%3AS%3DALNI_MY6CSwgJ_pyPZGXrpKAfdJ5aGpvzQ&cookie_enabled=1&scor=4499149785565891&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=timing&_s=9&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_h5.vdo.ai_ContentStart&utl=subject&utt=1412&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=2083551648
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25417
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		425 KB
426 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash
0c836b8d2d72a0e242dfb57e9f67303f8bab4807342eb3e8ad046d1c0315c45d

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=453832-889239

Response headers

Date
Fri, 23 Sep 2022 02:42:03 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.20.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 453832-889239/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
435408
Expires
Sat, 23 Sep 2023 02:42:03 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Fri, 23 Sep 2022 02:42:03 GMT
Expires
Sat, 23 Sep 2023 02:42:03 GMT
Server
nginx/1.20.1
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B0AE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 02:42:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2925 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bx5Aw-hwtY_mhOsGN7_UPuqatgA8AAAAAOAHgBAI&bg=!8vGl8bXNAAYIxsuQKMY7ACkAdvg8WgdUBdMIdPtz4XYU11LFvo9sNXKJyoxi-Pt_U9k8nMXs831MzwIAAAFNUgAAAAJoAQcKAKbe0QnAa4ZVN3o5cTe8-qe6-uokkFFyXdv-vb0CIPA2SPgYREbj-tpX5QbqDMHBZnikYKhcN7lYibmKir0-Iyb3PA0yTnfKikvfqvx1brhWq0x8RA6oDbxaNOKjXsyRPFG2azz3X1sMUyq-afuzi_jTzFGuqw1w37iQ9u-1zEBFq4MZPjC6HHfr0NUPHuMCBTIAvXhPYtrnZLiFPctNLH-vVKjDso-VmQLn7HVEXXIHE8B1UFUb1YGHt5NOe9AC2Pt1jxHqh7VLzje5EiN-RvL6581Kop96Atw-u2hy9iT1UHj-9VrYz1kHIovWddLx7BpBxuzviLncVz2wBTqJaLQvrHHvvp1Ti39JeYl_yxVEw3FBTlRPxR7P-kHZ7JR5v8dkUVW9_lIH4zDMCO5gGYt-7HMr4kdKNqZrQQtSvZbxxzaqTjuvu435LPYIlAVj73wMCMxnFPUxdSR80pDZga7SlOv6fas9CJcA8fDvGF-YTgxq695JjeNAUQlmAobfGs9QQT87clVw2AxvU4IJ2QawqnZGERBTm2FYv83_QKfOmBMphvyqBAMk3uP87a7T8CsLr5_rVWkExBCZ-Q6yfSJFE-uBFEuR5zBxzhifcY2qquaBMan9AvVtQgdg5rb58cHUIQZycI0wDIIYU01RUxMULKQadk7JXSm4_AJ8N0Zkf2uMUBAbrjWz0lgqs5Kye78IXPLuxLxbxuFFT9xt0fyGIj40UBTD6F9ue71wCo_BxoWFruYtCr5NZQQRqBkMMi-tt-a-DMZCtiE1mcVIsfwjxPf2wCZis4BAOgew6g168LpI8lXUd4wxrQyaA1-v8tFmReiPjQ0YeWT42K6uwQ9ISIa5R5NzYGJWdPEZptw6VZtZsmid78WuTnNdGOWveOpFw_9yvJeHpAyzm6-3J7i5W19oaIagh_JBeieB3gGM_YgXMf4YxLZjwr2jnkjlZtWbcXOSssacE-vofWvIdAg0CJGR6qpoznLNGccH81iRbsMQX6P5QuFFvyKK6LjRK8lhpkL55j9RVzHH5eEKFTwPeSi-TXXDQo0gHsCY5tesDUmwBoEZybEv7-MHbnbeK1TMgD1vD1areTueRRlH31mdsQYBuLStgFlFHg03MVO2a1B0-qVsF6wSkpG0bVTjgYeiDddh9o855wVcA6UDU3s_pAFdYyc5Y_N6WnaHGXDzS3nDobilN3rPxXRO1isfOFU
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87a2fde3736d8c20af98a35e066026e592a7835578e0b7cfec2ed96196b6ddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11152
x-xss-protection
0
syncframe
gum.criteo.com/ Frame E8E4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=subject.com.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:03 GMT
server
Kestrel
server-processing-duration-in-ticks
753119
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 23 Sep 2022 02:42:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
763997
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=FlTi_nxtNXJtNWZEbVNSV2RRa3ljTHU4MGJ4cVZ6UXBTMW4rSGlPZzdER0JjWmVyaWFmRlpSY242c0xFVzhBSURFYTgrRllONWxPYUg3RUhvYTFxTG5jNC81WEFna1k5RHJqcTk0K1JmbzFGM1Z0c2FWMDgvbE9zcjR3OV...
367 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FlTi_nxtNXJtNWZEbVNSV2RRa3ljTHU4MGJ4cVZ6UXBTMW4rSGlPZzdER0JjWmVyaWFmRlpSY242c0xFVzhBSURFYTgrRllONWxPYUg3RUhvYTFxTG5jNC81WEFna1k5RHJqcTk0K1JmbzFGM1Z0c2FWMDgvbE9zcjR3OVF1VXg0ZlhoTHhBZDRzS2UyU09yQjRHcmRNSkg3M0dmNEhpT1dwYWhmL0hqSG1TMDMrNjlqVzlwU0xwVUc4YXhNaXRXZDFlUnhuNUdIWjg3VVpqci9ldGIydTB2dEI3TXlKeG5rTVloaHh6cUxybFJBczNJPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b0a32f986b6d3a2ce76f9302f1e34cab00d885324f923705fa915d8c3240c006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1233757
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=FlTi_nxtNXJtNWZEbVNSV2RRa3ljTHU4MGJ4cVZ6UXBTMW4rSGlPZzdER0JjWmVyaWFmRlpSY242c0xFVzhBSURFYTgrRllONWxPYUg3RUhvYTFxTG5jNC81WEFna1k5RHJqcTk0K1JmbzFGM1Z0c2FWMDgvbE9zcjR3OVF1VXg0ZlhoTHhBZDRzS2UyU09yQjRHcmRNSkg3M0dmNEhpT1dwYWhmL0hqSG1TMDMrNjlqVzlwU0xwVUc4YXhNaXRXZDFlUnhuNUdIWjg3VVpqci9ldGIydTB2dEI3TXlKeG5rTVloaHh6cUxybFJBczNJPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
727436
content-length
0
expires
0
rid
match.adsrvr.org/track/ 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
53865e4e8e66d64a525bcf61da08fafef31722a436e31bdfbdf52603d3b12489

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 23 Oct 2022 02:42:03 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 33AD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 23 Sep 2022 02:42:03 GMT
ETag
"623de86a-cf34"
Expires
Sat, 24 Sep 2022 02:42:05 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B788 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 23 Sep 2022 02:42:03 GMT
ETag
"623de86a-cf34"
Expires
Sat, 24 Sep 2022 02:42:05 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F1E9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151861
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 24 Sep 2022 20:53:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6206 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151861
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 24 Sep 2022 20:53:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame 305C 		4 KB
956 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
838a1318bca74a819bd3e402a753c25b66a7d5da2706666a2d1c3940795f7c47

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74efecc53d54072a-LHR
content-encoding
gzip
content-type
text/html
date
Fri, 23 Sep 2022 02:42:03 GMT
server
cloudflare
usersync
ssp.wp.pl/bidder/ Frame D147 		477 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 02:42:03 GMT
last-modified
Wed, 21 Sep 2022 14:15:31 GMT
server
nginx
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CFA3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151861
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 24 Sep 2022 20:53:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame 22FF 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab21cd22e33ce9dc936c599a8b108c9a4af24eadafc1e4221e1d5e10b1ca2656

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74efecc53d53072a-LHR
content-encoding
gzip
content-type
text/html
date
Fri, 23 Sep 2022 02:42:03 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3C1D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151861
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 24 Sep 2022 20:53:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame AD60 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 23 Sep 2022 02:42:03 GMT
ETag
"623de86a-cf34"
Expires
Sat, 24 Sep 2022 02:42:05 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame F1EE 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 02:42:03 GMT
last-modified
Wed, 21 Sep 2022 14:15:31 GMT
server
nginx
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame 4AE4 		4 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595704afa350439f76bae3d4c26b9186139d698a50dcdd1692488b0a15c3dc67

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74efecc53d55072a-LHR
content-encoding
gzip
content-type
text/html
date
Fri, 23 Sep 2022 02:42:03 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC2D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151861
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 24 Sep 2022 20:53:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7D73 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 23 Sep 2022 02:42:03 GMT
ETag
"623de86a-cf34"
Expires
Sat, 24 Sep 2022 02:42:05 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 839F 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 02:42:03 GMT
last-modified
Wed, 21 Sep 2022 14:15:31 GMT
server
nginx
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 3098 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1663900920564&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 852E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1663900920564&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 306D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1663900920565&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbjs
sync.quantumdex.io/usersync/ Frame B78C 		4 KB
994 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09c6c3ad5d074c9d694424f9744f2ada34b537face238a1d2f3f05ef5bc0d01b

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74efecc54d5d072a-LHR
content-encoding
gzip
content-type
text/html
date
Fri, 23 Sep 2022 02:42:03 GMT
server
cloudflare
usersync
ssp.wp.pl/bidder/ Frame F3EC 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 02:42:03 GMT
last-modified
Wed, 21 Sep 2022 14:15:31 GMT
server
nginx
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame 00AD 		4 KB
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59fb3ae6628f49cd59240a81befb930cb385b9ac950c834e95e16be2daf02d40

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74efecc54d5e072a-LHR
content-encoding
gzip
content-type
text/html
date
Fri, 23 Sep 2022 02:42:03 GMT
server
cloudflare
async_usersync.html
acdn.adnxs.com/dmp/ Frame B124 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 23 Sep 2022 02:42:03 GMT
ETag
"623de86a-cf34"
Expires
Sat, 24 Sep 2022 02:42:05 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 5E09 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 02:42:03 GMT
last-modified
Wed, 21 Sep 2022 14:15:31 GMT
server
nginx
vary
Accept-Encoding
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A&gdpr=0&gdpr_consent=
0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.28.123.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-123-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A&gdpr=0&gdpr_consent=
date
Fri, 23 Sep 2022 02:42:03 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6417679249573876566
0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6417679249573876566
Protocol
H2
Server
52.28.123.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-123-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:03 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c8141c6c-64ec-4178-80f1-4f8c012ff4dd
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6417679249573876566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
cookie
cm.adform.net/ 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
server
nginx
content-length
43
content-type
image/gif
pixelSync
pixel-sync.sitescout.com/dmp/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=b355118c-ce25-4524-86a1-3775cf3ed0e4&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_cc7fd3d7-62c3-4e1a-b4e7-938c9e7878fe&bsw_param=b355118c-ce25-4524-86a1-3775cf3ed0e4&expires=10
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=b355118c-ce25-4524-86a1-3775cf3ed0e4
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=b355118c-ce25-4524-86a1-3775cf3ed0e4
Protocol
H2
Server
52.28.123.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-123-190.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=b355118c-ce25-4524-86a1-3775cf3ed0e4
Date
Fri, 23 Sep 2022 02:42:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie
cm.adform.net/ 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
server
nginx
content-length
43
content-type
image/gif
bgPizza.png_1663252159749_bgPizza.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/ Frame B0AE 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/bgPizza.png_1663252159749_bgPizza.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd22fa1c1504fdd3732c8040d30c5dc83da65787afb103a78308eaff15a5d852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102565
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 18:03:22 GMT
bgBurger.png_1663252159749_bgBurger.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/ Frame B0AE 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/bgBurger.png_1663252159749_bgBurger.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d51f907642abdc5b219f45f23396e77b8c2d20e33d0398cbcf73d5e9f79a4aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55409
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 18:03:22 GMT
bgGreen.png_1663252159749_bgGreen.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/ Frame B0AE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/bgGreen.png_1663252159749_bgGreen.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76e9a6570fc2330985d8b8608b9bc0bcf7824655cb183109975e38b4a207139c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5125
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 18:03:22 GMT
deliverooPresents.png_1663252159749_deliverooPresents.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/ Frame B0AE 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/deliverooPresents.png_1663252159749_deliverooPresents.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de15a255916e9193497fbc0bbbcf00a20b835d1972fa26abb9d0a0bd4c665eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7260
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 18:03:22 GMT
morrisonsLogo.png_1663252159749_morrisonsLogo.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/ Frame B0AE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/morrisonsLogo.png_1663252159749_morrisonsLogo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2667b5d357bb7a8ccdf9452f45ce34296124252f07c62e0af48e85f77e2ffab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5431
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 18:03:22 GMT
waitroseLogo.png_1663252159749_waitroseLogo.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/ Frame B0AE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/waitroseLogo.png_1663252159749_waitroseLogo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f89e4b01b01ece06fd39795d0f52828af0fad65cdebee77c4da69bc8020385b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4154
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 18:03:22 GMT
sainsburyLogo.png_1663252159749_sainsburyLogo.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/ Frame B0AE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/sainsburyLogo.png_1663252159749_sainsburyLogo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9138881c14f9b1035d81fb2ce6443ffc5da041104455a117146952a645b2ce4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4521
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 18:03:22 GMT
smallLogoGreen.png_1663252159749_smallLogoGreen.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/ Frame B0AE 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/smallLogoGreen.png_1663252159749_smallLogoGreen.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b632555e0646a3374ce5b1891ae22c3ac1aba0502b6335c114ec86e6d12d866d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1250
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 18:03:22 GMT
smallLogoWhite.png_1663252159749_smallLogoWhite.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/ Frame B0AE 		995 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/smallLogoWhite.png_1663252159749_smallLogoWhite.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b3e2efa69ce81d8941a38f314919fb95860a941e353b9e1fa4ae9707e09f471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
995
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 18:03:22 GMT
engLogo.png_1663252159749_engLogo.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/ Frame B0AE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267cf4cfb31e750ae7fa7dd/content/engLogo.png_1663252159749_engLogo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3798fbee8009a9d9885fd40fcced87c92f355732fdf1a868b8224c647fc9c54c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=wC2ZVubD0t&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6005
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 18:03:22 GMT
stratosdeliveroo-regular.woff
s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/ Frame B0AE 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/stratosdeliveroo-regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/adlib.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f60710f6e068b35323439bfa0c7db81caf2796d43b9edc5d5cffadfcc7b80dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/adlib.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43644
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:59:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 18:03:22 GMT
stratosdeliveroo-bold.woff
s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/ Frame B0AE 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/stratosdeliveroo-bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/adlib.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35059cdc43401fbcf730189eb26b53bbda8e45d58f16b89c2d236b6bbe6d839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/adlib.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45640
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:59:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 18:03:22 GMT
stratosdeliveroo-light.woff
s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/ Frame B0AE 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/stratosdeliveroo-light.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/adlib.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a14b003ffe0e950c19ee590ea71d46f6ba7faa8412ac5442f95ec9df010751d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17070191354216185856/728x90-SprintCities/adlib.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:03:22 GMT
x-content-type-options
nosniff
age
203921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43352
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:59:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 18:03:22 GMT
prebid.js
tag.eu.dev2pub.com/ 		479 KB
479 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.eu.dev2pub.com/prebid.js
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
860a918cf8f248e936c6a50f30f8c7a58aa92393f054e00e35fb18e5cd5c43db

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:42:03 GMT
Last-Modified
Fri, 16 Sep 2022 15:29:58 GMT
Server
nginx
X-IPLB-Request-ID
D98AC46B:A0EC_335B3C26:01BB_632D1CF8_11E9B616:ABC4
ETag
"63249676-77ae3"
X-IPLB-Instance
43024
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
490211
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 0F89 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 23:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 23:30:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 02:42:03 GMT
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame D147 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
2b22220b68d010a5d868391e906afce4fea69692578ca5bab156da1fa8400178

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
br
last-modified
Thu, 22 Sep 2022 12:00:41 GMT
server
nginx
etag
W/"434eb198ee35b5885941d107958cf614"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame F1EE 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
2b22220b68d010a5d868391e906afce4fea69692578ca5bab156da1fa8400178

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
br
last-modified
Thu, 22 Sep 2022 12:00:41 GMT
server
nginx
etag
W/"434eb198ee35b5885941d107958cf614"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 839F 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
2b22220b68d010a5d868391e906afce4fea69692578ca5bab156da1fa8400178

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
br
last-modified
Thu, 22 Sep 2022 12:00:41 GMT
server
nginx
etag
W/"434eb198ee35b5885941d107958cf614"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
activeview
pagead2.googlesyndication.com/pcs/ Frame 0307 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssf6t-d5KNVoYzRwAu3DABquclukBVOaIYRVCDtGSrco-HxXIYwkIqxDezadvZ5WPt7ZRmW2Zcdeh0Cgs9ToBFFHIkNIqsT8Jes1nvfsfi1zv04cyUypHWCOifUoBiATMK3LC_7Qg&sai=AMfl-YSYlEaiDLdATNo_xbeJnxxNoxQFJmQJz_cWbJRTyw_zufwh0QE7NpEUcug8xfyB7ocUU-owiaOT61eOTsJAkbbFHUyGQnB0h6F0WArLhaKtLNzGyNssUnkFlys&sig=Cg0ArKJSzFWnAD5DrZrfEAE&cid=CAASJORoHE-JH765QQ1P5veKlUNarj_wM3D0PHYzMPYInmIFRVxV0Q&id=lidar2&mcvt=1023&p=371,1390,975,1550&mtos=0,1023,1023,1023,1023&tos=0,1023,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=2598159836&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663900922256&rpt=490&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame F3EC 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
2b22220b68d010a5d868391e906afce4fea69692578ca5bab156da1fa8400178

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
br
last-modified
Thu, 22 Sep 2022 12:00:41 GMT
server
nginx
etag
W/"434eb198ee35b5885941d107958cf614"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 5E09 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=88367536859302920000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
2b22220b68d010a5d868391e906afce4fea69692578ca5bab156da1fa8400178

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
br
last-modified
Thu, 22 Sep 2022 12:00:41 GMT
server
nginx
etag
W/"434eb198ee35b5885941d107958cf614"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
v1
match.sharethrough.com/FGMrCMMc/ Frame 22FF 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.53.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-53-117.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
setuid
sync.quantumdex.io/ Frame 22FF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc71ea9072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
date
Fri, 23 Sep 2022 02:42:03 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 22FF
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3lu...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItM...
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecccea9d072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 22FF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc78ef3072a-LHR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:03 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6994d57e-c311-472e-a256-d190a8148c9e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame 22FF 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 02:42:04 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame 22FF
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc8cfd6072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
0.gif
id5-sync.com/i/495/ Frame 22FF 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
s.ad.smaato.net/c/ Frame 22FF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
pFgMqmaK8NqHF2ADp06MVsr74WNpss1GmPi2jIxtk6CxqPveGAnhxw==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 22FF
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc87f8c072a-LHR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Fri, 23 Sep 2022 02:42:04 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 02:42:04 GMT
setuid
sync.quantumdex.io/ Frame 305C
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc8cfd3072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
0.gif
id5-sync.com/i/495/ Frame 305C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
s.ad.smaato.net/c/ Frame 305C 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
7trq3rpEiy3Op4GC5RqDNdxyS3BCnJKHg6egd7jnlkiQMjnuxeocQA==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 305C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc7aefb072a-LHR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
027cfcfc-6f83-4cda-8305-608c77f04f81
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 305C
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc86f7e072a-LHR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Fri, 23 Sep 2022 02:42:04 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 02:42:04 GMT
setuid
sync.quantumdex.io/ Frame 305C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc7aefe072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
date
Fri, 23 Sep 2022 02:42:04 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/FGMrCMMc/ Frame 305C 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.53.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-53-117.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
setuid
sync.quantumdex.io/ Frame 305C
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3lu...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItM...
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
43 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecccfaa0072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
pixel
ap.lijit.com/ Frame 305C 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 02:42:04 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods
GET, POST, DELETE, PUT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FlTi_nxtNXJtNWZEbVNSV2RRa3ljTHU4MGJ4cVZ6UXBTMW4rSGlPZzdER0JjWmVyaWFmRlpSY242c0xFVzhBSURFYTgrRllONWxPYUg3RUhvYTFxTG5jNC81WEFna1k5RHJqcTk0K1JmbzFGM1Z0c2FWMDgvbE9zcjR3OVF1VXg0ZlhoTHhBZDRzS2UyU09yQjRHcmRNSkg3M0dmNEhpT1dwYWhmL0hqSG1TMDMrNjlqVzlwU0xwVUc4YXhNaXRXZDFlUnhuNUdIWjg3VVpqci9ldGIydTB2dEI3TXlKeG5rTVloaHh6cUxybFJBczNJPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 23 Sep 2022 02:42:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
479753
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 4AE4
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc85f70072a-LHR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Fri, 23 Sep 2022 02:42:04 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 02:42:04 GMT
setuid
sync.quantumdex.io/ Frame 4AE4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc77ee5072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
date
Fri, 23 Sep 2022 02:42:03 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 4AE4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc7df1c072a-LHR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
028d8eaf-495f-410f-9577-d25669c2f84c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
s.ad.smaato.net/c/ Frame 4AE4 		0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
hXJyPtJMjUtHvWSMG31P4YFh7mKUXyNVyIYV7RWSouz5pwP2GUjJgQ==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 4AE4
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc8cfd2072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 4AE4
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3lu...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItM...
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecccfaab072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
v1
match.sharethrough.com/FGMrCMMc/ Frame 4AE4 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.53.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-53-117.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
pixel
ap.lijit.com/ Frame 4AE4 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 02:42:04 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods
GET, POST, DELETE, PUT
0.gif
id5-sync.com/i/495/ Frame 4AE4 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8284 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151861
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 24 Sep 2022 20:53:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 4DBA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e3c8e50ba4e00bee3108e66901cd4a96423e02f8cc08cb84bc01e50e0945a8

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74efecc73e7d72f7-LHR
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 02:42:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMqLOkNMCsgXfRmNB%2BaxE5l8BhlfOVT0oSVyHDimDplcMmmK%2FWT8QOc6m9R7PjRDx7FkRFz7i%2BIMUNntRwcQKvZAz3eeU3VNG1%2FWfRQswEQRm4VxJ5l0NlQlLkL2cnp8n9Jb81kVwaBpaA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pbsync
usermatch.targeting.unrulymedia.com/ Frame 8423 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
/
onetag-sys.com/usync/ Frame 5597 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame C06D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 02:42:04 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Sep 2022 02:42:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 576E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
28772
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:42:32 GMT
expires
Fri, 22 Sep 2023 18:42:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4CBD 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b7ca1a9ec4d510bed926335cbffb442ecb2ecdb52ab0ff40c26c6f46576630ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jLjofOb0Tuny1kO1p2wP-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-jLjofOb0Tuny1kO1p2wP-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 02:42:04 GMT
expires
Fri, 23 Sep 2022 02:42:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usermatch
ssum-sec.casalemedia.com/ Frame 4367 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf79e88f846318ed6fe5be243a01a436838f4483cbea8590bc0b98c7ec41cf0e

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74efecc73e8072f7-LHR
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 02:42:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5kA5pM4cacLn0OZY8XmCNgUWMjgwktPQ4cOLjuJ259c0qMe4Tu0ugdonMYA3cGzFBQCzIItPax%2Fh6w9sL8dFAuxg0MYNG3zy8GeOXgaIFNk4NCtlwiMwj3ZFDmeFxRB8MKeFda4YpWmJw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A3BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame CB77
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 02:42:04 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Sep 2022 02:42:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1A66 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151860
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 24 Sep 2022 20:53:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
pbsync
usermatch.targeting.unrulymedia.com/ Frame 3F8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9074 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44107f8469836a839d64a2cd0cf1e01e5d081c1def538c37e9d7af72ff496c8

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74efecc73e7e72f7-LHR
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 02:42:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SxYALh85OrzTZoRQ78VT8Xp1YUteAbCMxHlGWsLsOf%2FN01VD1PsZ5haB7wlSd5eaxNuzLLloi%2BcbGPYmJ96zeqAG3BYRtfQJZEFHeZQZE%2Bbr7E5AI4SNKYbsEVEUqagPLjbFqHxxcfylw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pbsync
usermatch.targeting.unrulymedia.com/ Frame FCEF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 501E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151860
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 24 Sep 2022 20:53:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 51E2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 02:42:04 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Sep 2022 02:42:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame BE9B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f
api.eu.dev2pub.com/api/public/Dev2Pub/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
14a99faee7a1c2054622c6f923c351ccab4f041fbde76bddd11b2387efa1d01e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 23 Sep 2022 02:42:04 GMT
Server
nginx
X-IPLB-Request-ID
D98AC46B:A180_335B3C26:01BB_632D1CF8_11F138E4:26F39
Content-Length
2710
X-IPLB-Instance
42214
Content-Type
application/json; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame F1E9 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75387296&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame B78C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc7ff2b072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
date
Fri, 23 Sep 2022 02:42:04 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame B78C 		0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
JH-bx8QVX4UujfEz_iYNEHxvBiH1QztDXTxsyR9ICkdjJ0MFHvP-Wg==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame B78C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc88f98072a-LHR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5991679c-d063-42dd-bb59-f628e99cd6a2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame B78C
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc8dfdb072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel
ap.lijit.com/ Frame B78C 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 02:42:04 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods
GET, POST, DELETE, PUT
0.gif
id5-sync.com/i/495/ Frame B78C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
v1
match.sharethrough.com/FGMrCMMc/ Frame B78C 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.53.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-53-117.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
setuid
sync.quantumdex.io/ Frame B78C
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc88f95072a-LHR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Fri, 23 Sep 2022 02:42:04 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 02:42:04 GMT
setuid
sync.quantumdex.io/ Frame B78C
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3lu...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItM...
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecccea9b072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
/
s.ad.smaato.net/c/ Frame 00AD 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
oErk25nxB9h3Ta9jeVrIUNBnqTYCoLCd-f_lBGtJuj6s8h9YrFEUTQ==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 00AD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc7ff2c072a-LHR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0e1dc7a0-18cc-4494-81c1-468eb474101f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6417679249573876566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 00AD
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc90ffd072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 00AD
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3lu...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zMDQzY2UwOC03MWMyLTM4NjAtYTI4OC0zNzkzOTFlNDBlYTgqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTMwNDNjZTA4LTcxYzItM...
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
43 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecccea9e072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3043ce08-71c2-3860-a288-379391e40ea8
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
v1
match.sharethrough.com/FGMrCMMc/ Frame 00AD 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.53.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-53-117.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
pixel
ap.lijit.com/ Frame 00AD 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 02:42:04 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods
GET, POST, DELETE, PUT
0.gif
id5-sync.com/i/495/ Frame 00AD 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:03 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 00AD
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc89fa7072a-LHR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Fri, 23 Sep 2022 02:42:04 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 02:42:04 GMT
setuid
sync.quantumdex.io/ Frame 00AD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc87f8a072a-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-WIlNbmNE2uHIAlwHTZQlP5TCT2Xzs4RG0MDdDd8-~A
date
Fri, 23 Sep 2022 02:42:04 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sid
mug.criteo.com/ Frame E8E4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=subject.com.ua&sn=ChromeSyncframe&so=0&topUrl=subject.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Jt7OXXxPcWI0SnpxL09PYW9DV21OUWk5dEZlWm5hUzRGbVQ0eFRHT3p6NDI1R25NZ3A1T3dwV0dLRWR6WHEvdVl3MmJyeHBwRUxacWZlZmxsMlc3NmJWZnRZY2VpVUh4NGJHOCtXSTJDMnh0cTI0b2VMb20zMFJhcHVlNG...
441 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Jt7OXXxPcWI0SnpxL09PYW9DV21OUWk5dEZlWm5hUzRGbVQ0eFRHT3p6NDI1R25NZ3A1T3dwV0dLRWR6WHEvdVl3MmJyeHBwRUxacWZlZmxsMlc3NmJWZnRZY2VpVUh4NGJHOCtXSTJDMnh0cTI0b2VMb20zMFJhcHVlNGlGV241eVhxdjB4ZmhoZC9xcTgyd0NrOEwrTkxDbU9DWGdUYS9LeTcxVUVWblVBYUdrTDBRaWJ4Skh5YjhJUDZGQmM5T3hRR3NRdEZNZ1k0QTJRR0hYMWtJVmJzYVVvTW41Y3Aya3FZa0J0NFlEbHpadCs0YjRPUmpsSlpnaldvTlNtamdudEJTREpzVnB3MTNyUmZHdEk0VGNhd0x3UT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
32036bccb48d4b60d1d0f14301dbc81e509b10f57673851b274405d60b5cd2e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2236922
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=Jt7OXXxPcWI0SnpxL09PYW9DV21OUWk5dEZlWm5hUzRGbVQ0eFRHT3p6NDI1R25NZ3A1T3dwV0dLRWR6WHEvdVl3MmJyeHBwRUxacWZlZmxsMlc3NmJWZnRZY2VpVUh4NGJHOCtXSTJDMnh0cTI0b2VMb20zMFJhcHVlNGlGV241eVhxdjB4ZmhoZC9xcTgyd0NrOEwrTkxDbU9DWGdUYS9LeTcxVUVWblVBYUdrTDBRaWJ4Skh5YjhJUDZGQmM5T3hRR3NRdEZNZ1k0QTJRR0hYMWtJVmJzYVVvTW41Y3Aya3FZa0J0NFlEbHpadCs0YjRPUmpsSlpnaldvTlNtamdudEJTREpzVnB3MTNyUmZHdEk0VGNhd0x3UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
507320
content-length
0
expires
0
async_usersync
ib.adnxs.com/ Frame 33AD 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2b176732-6365-4e88-a047-a0067d27f32b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B788 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
106a5329-b0ff-4cfb-9a66-58e4703641ad
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7D73 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
14f70a74-a052-44b3-8b12-6d70994bd7c3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AD60 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
267f88af-b4e0-4232-a706-80cfabe8cf7c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B124 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
551183c0-5db3-40b3-9894-511d7e45007d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 61DD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c32a99364965a63bf56ca71e8bc07652b0736f267e570ec9a6d3460be149fb9d

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74efecc7cec272f7-LHR
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 02:42:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsdBi%2FnOtn5t7eNhlITWeE53Q%2FaoyjiA2JDEIChY50tsLm%2FUraLzOXaXesztX39kDtOUo9WhU%2F7gBTLotmRRfFLdXPB%2BpnuGjgkxUSQaGP4NcNtQXrVZZ22fmEYnR5pdqeN%2BzJL%2F3ZiQ7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8FEB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151860
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 24 Sep 2022 20:53:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3A1A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 02:42:04 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Sep 2022 02:42:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 7590 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 4EBB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 82BD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
184b2cc50eae531c5921def1837839aafa237351e093c0c25035472a9963ba7b

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74efecc7dec672f7-LHR
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 02:42:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUq2wY9uPzGqvppGioFqrE59ceWQyo725Gnm%2FOA1%2BrWRdRbIjEYHsI6iSxyWS0UNhF%2Bzj2zxvdTN4LKvfjSVxDTzLUoyOg%2FvTonWg%2FG%2F%2FCek7KwKoWvE7fqBhri8E9GKcLyFxEADuQlzJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4F6C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 02:42:04 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Sep 2022 02:42:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 6F7D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 56FE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B7AC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151860
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 24 Sep 2022 20:53:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=event&_s=10&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm_apac&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=128193407
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25418
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 02:42:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 9074
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc8df6e72f7-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A92PfjlaUNU6%2BL6AL1fzPljCs7s2tH3vW82rQ9rHoKJ%2Bm%2BjOokG83booHJVStSHs2R1wu8%2F72KlVAxq4Tfha13Dddi2mXO5Xw%2B5%2FZK8O2AX12ZoVzRyWw%2Bq2iWV5e1bP8Y2n7A0gxRG3qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9074 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 9074
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
4CCA5WA692M50DMSPPHJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
NNS2ZY62TM43CWY1A7ED
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9074
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6417679249573876566
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6417679249573876566
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc92cfd72bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKNr3Ukvarc%2FazAUJyfD8x%2BZcz4ZdufxJppxEQ7QorwZ6sZb76PlpHMjFzSLMLPp%2F7cyBfVBtqQZhGx1Esf%2FznEH3Bw1%2BGTCimbBHvR61l67OaqVCyADNR3Bzmpa7MYd8pj1OuQvsRBY4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3b3961c6-9946-4305-9d85-304e3a0b211c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6417679249573876566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9074
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efeccb4dbc72bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hoty1PjjBsctkPelYVO5jo9sVWJyEJ0OiAaeQTRNfC1BlyeTrVHDJ82iOUwepnrh4%2Bh8r3uk6kIe4XAF5xwRfhGLZBmajybkdLyt94zyyBto87GBF4VRLjEWf6jTkbfSW223W0i7dIBNlw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 9074
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IbG6diXVRANPGmFOX39XldmKxGs
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IbG6diXVRANPGmFOX39XldmKxGs
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc97d1f72bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqFwVH%2BJsG2dWm9kKLN6fb6cTiks%2BzFYxmoOIix3r0AilQaqWrSm9t4AzSwvEm2lhOflNqferRfLGHlPUeYT8YRKNBbsN7aZk5QHkCvdLdChcg4FCcqWDFUl66M5SXcD5Aj89EioCQTqAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IbG6diXVRANPGmFOX39XldmKxGs
Date
Fri, 23 Sep 2022 02:42:04 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 9074
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc9fd4872bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rT9wxvXFBIu%2Fhu6fuwbyXR4XHYkUtR60r0pS38m8HuhzSRlQamGx7I8CB2cvCypUWXrlEsCBdWO8Dyh8QiGRJbnLMt6zKfzOXyDYJ1OzcXiG8xUOHZ0tFrobbeZgDcQmUPZb4v9cGofeHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 23 Sep 2022 02:42:04 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 9074
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8nEnxfHN1OByDF5
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8nEnxfHN1OByDF5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc92cff72bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtG49vLqKf3PIrQR%2BNyENHQlLd5SOqs0g7x6E%2B4QhGUdYnEP3fwbXaB4mvNx0ljx5cRHzW7sjMc%2BxIqvbznaxNhGGQYt6RBL9YHQKF4JHpxDVM5U0cI0XTDG0qiI1PCaFpmara5pSxO6Og%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:03 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8nEnxfHN1OByDF5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 9074 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc8bfc0072a-LHR
content-length
43
content-type
image/gif
Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4367 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:2273:7c14:b4f4:8de8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4367
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3601:2273:7c14:b4f4:8de8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
date
Fri, 23 Sep 2022 02:42:04 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 4367
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2811266308298238660
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2811266308298238660
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc93d0672bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLtOfvn2aA2JYCCv%2FseHtI5RvekfLDgQfUvrNlftVJkKnWW2QJJgoCTezdchTosVoX%2BdeQpD%2Flfz2zFL2k6zbB3zfpaUkzDe7dkcyBc9mrmK8HlPz%2FpH1BNI3e3stpkeh%2Fcq2uzOVwQWGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2811266308298238660
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 4367 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.144.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-144-255.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:05 GMT
Server
gunicorn
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 4367 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.140.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-140-211.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
demconf.jpg
dpm.demdex.net/ Frame 4367
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy0c.o4NIzgj8LvklyoAUwAA%264393?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yy0c.o4NIzgj8LvklyoAUwAA%264393
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yy0c.o4NIzgj8LvklyoAUwAA%264393
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
34.249.157.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-157-182.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v042-00a9289fb.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
XyC3Mh9ASzg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v042-047ba00f8.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Q9ZZlcaASK8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yy0c.o4NIzgj8LvklyoAUwAA%264393
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4367 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:03 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 4367
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IbG6diXVRANPGmFOX39XldmKxGs
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IbG6diXVRANPGmFOX39XldmKxGs
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecca5d6572bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLw8SAcEf8lP3I1SLCC9jm5yfxOLhSMkV5eXo%2BFJwv4fQqoKlFVDTaMsdcymCntrOx80CfgZlDcMQRmvMdX2tbZzcHttIUQm117Ibf4Nqz6HcOuKOpb7V7bq%2BSQGx%2BCecktD4PPgXEa%2BeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IbG6diXVRANPGmFOX39XldmKxGs
Date
Fri, 23 Sep 2022 02:42:04 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
setuid
sync.quantumdex.io/ Frame 4367 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc8cfd0072a-LHR
content-length
43
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 4DBA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc90f9b72f7-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYrwKxLP17sASYyxtlnkWP9TkddM%2BZHGqRDays4cPFQ1BD0MDiXFBbhQk3NhMejD8OlEM%2FmXan7xxtS2nBA%2F24qARdJDKt1cKd3E6177y0z8GROozKcZ24FXO%2FZykRyXQ%2FuTZkHLsNHm6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENuj5BZMs3iMdNY8fcaraNU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4DBA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
YBHAE68DHHXQ4FZ61WDY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
J1EVQHC4RGFF24WVYDYJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4DBA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4DBA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6417679249573876566
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6417679249573876566
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc97d1a72bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIQXWtM83TURLjIitOP52Y1%2BmM67RUjYLuFlFDMiU3yvqQTWEAFetZV%2FdPIgZ4usx%2FEEAHGj%2BOmtiRhRMMEjmz5FYXxZR9Cq2pjEP7QcsNyRzm0RYapWyvCVC8P7dmxqiUDLa9%2Fu%2FKBi3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0d65f7b7-a2ec-4101-a85b-87b47e1708a2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6417679249573876566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4DBA
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=583741418463323154
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=583741418463323154
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc9cd3872bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvH66zgy8qm7wHbCibNmnNjSvfuyxizwnGiqzU47Gy5yylZVLmi6HZmvEmY%2Bv2JdsG%2B9erWwRoBJKTKFsZaMWsNUkYbgZsPbqh6l3mv2amXJRHHl6xv93O8jSim7wCPpSB5xXqy9GzASsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=583741418463323154
Date
Fri, 23 Sep 2022 02:42:04 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 4DBA
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Yy0c.o4NIzgj8LvklyoAUwAA%264393
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d50eca87-2d75-40cd-bb88-362b5e800580-tucta26a27c
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d50eca87-2d75-40cd-bb88-362b5e800580-tucta26a27c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc9ad2c72bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrzYJljpxNaQiv4bIkEanCei8FbUETNBRVCWPTeQ1yGLOMMW%2FXJ%2FKytPuJcv37na06YblTV%2FB55vzwcgFGv9On8l5xWW8aRc2EzVRNhpxzjphKGXLdnW8MqpayMSQcO4f9r%2FTWvwJjWRDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d50eca87-2d75-40cd-bb88-362b5e800580-tucta26a27c
date
Fri, 23 Sep 2022 02:42:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33267
crum
dsum-sec.casalemedia.com/ Frame 4DBA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8nEnxfHN1OByDF5
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8nEnxfHN1OByDF5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc94d0b72bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tpr4HmzwxXXI%2FEgjsMkIJ5YCZxpIpZFYn7XsRhy%2FEP271HhCyOmob8ikz5iWkFi57WINU7tCPpszLq%2FT%2FRIn9QsbFckPAtfmFx%2Bn%2FQBzZE%2F5rfvU6iWnqUZR1FAStZDXkpOw0n9RtioMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:03 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0db4e5e2a65977bf5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8nEnxfHN1OByDF5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4DBA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=01c8632d-1cfa-4c00-aaee-e265fd2c82cd
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=01c8632d-1cfa-4c00-aaee-e265fd2c82cd
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc93d0072bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIRxlIjrk%2FRiwsjMaK4lBxDjT8U3bLsin59%2BhWibXaSlaCbyBfGpP1vUAxw63fXm7A%2F2bUJjF5VsfMXWpu9L0GzIwVUx%2BFU3ZbCCMLMNM%2BJGp6Xl%2BK76BbaNyPWeNZ2OUmyfcaT%2BL5fQnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 23 Sep 2022 02:42:04 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=01c8632d-1cfa-4c00-aaee-e265fd2c82cd
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Sep 2022 02:42:03 GMT
setuid
sync.quantumdex.io/ Frame 4DBA 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc8cfd7072a-LHR
content-length
43
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 0C59 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVzM4urLK22LIO42U0ZQPwJg-Asn_26r0C6MGh5xjIgBJvTyqUTPg8TYDN7ufgv0n6uY-Mxepuc8JI_XxvMUvuAcpXOSEc1jXPpMWel6rN2S3055olR1jmhVVvjltm8nNRH5lVxA&sai=AMfl-YSb4g183hYxoXmX0w0JB11_aAsD47VchzUmuv2db2bDvEu5H-tVHFndQGbdqkstYs_pYOnhPtIPTPfJwkOcq3cKOADdrwB3nEwuLdFKzGlWk2_IlnIzlZRqrl0&sig=Cg0ArKJSzDGx8bw0ZKNeEAE&cid=CAASJORoZrwQ0S-5Bc7iVJ-XWP8r_EOoqCbEHZYdLrTqrBK1QEOfkw&id=lidar2&mcvt=1058&p=1116,440,1206,1168&mtos=0,1058,1058,1058,1058&tos=0,1058,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=20&adk=3087128496&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663900922792&rpt=353&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 61DD 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663900924.369645,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-lcy19248-LCY
rum
dsum.casalemedia.com/ Frame 61DD
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663987324
43 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663987324
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc9e9a7406c-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGUQKIQae9hvkuQMOM1%2F5pfG7eBXCbX7fyfUONtgbw4dlsVelRd%2Bn1Fv5jfzaBP69bXi1sM86xAEUcpznOKOeJYaHq44VSt1zfTb7iGhcCuBJbi11m547AIIvmLDBWZ%2F6Ifs6y3Q"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663987324
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 61DD
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C0E54A0647F640FAA5588AF446B07D8B
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C0E54A0647F640FAA5588AF446B07D8B
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc9dd3c72bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnehU3onzv5Xzsh3ibNvvLdtkwSvrIVxhd5nTU%2BezYj0tq9M5225uH3wpHM1nq3QJLMEYCeHY39mXM9zS9FFFbvNoU3vYIaSoj7xKJpFd%2B31upvqnE9IWY6XixxZzp1NV2NN7zD%2FT8gf6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 23 Sep 2022 02:42:04 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C0E54A0647F640FAA5588AF446B07D8B
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 22 Sep 2022 02:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 61DD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4538758142278904623&expiration=1665110524
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4538758142278904623&expiration=1665110524
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecca8d7772bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkqxsBqUNMtDMd6MjC9nmHZahXKgM%2FKNa5EdlVSVzOw8ZNJkdm0ximAOlYvZ7Se3ZDohesdoUsgJozgtYVnIDjRvID9%2FAHr5bzdm2chL9CdoVQzmDdXR5qIeDxLSlM6yGI6Ed0yVHJg2aw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4538758142278904623&expiration=1665110524
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum.casalemedia.com/ Frame 61DD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6417679249573876566
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6417679249573876566
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc9e9a5406c-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVbAW%2FJDW6XSvcWbZkJXYyjGhiqMXKwn%2BTMRsPA618lw8E%2Fj4XPQjWgMpmI8N0RL3sLNGVw9DvzFsiBPvA32w8rSvySz%2FIneZ0m681%2B1AO7RrWFJOMQSKr0L6MP3RpMTXMCLR6pH"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d91d2ad9-30fc-43da-b14a-f47e707bc305
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6417679249573876566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 61DD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3601:2273:7c14:b4f4:8de8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
date
Fri, 23 Sep 2022 02:42:04 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 61DD
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecca0d4f72bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7p6fRxsWY7n826v7TW3ozhyE%2FYYEURT3om64q4K%2FMJ02LJtybjc86lbRg3QtO07oNl7pETxBdvx0fxe4eamtZ2eSUIrl%2B%2BF7GJI%2FWgy1Z60BFwDFUfbD9sHyt6BJkycnueXFczsCZoPWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Fri, 23 Sep 2022 02:42:04 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
tp_out
d.adroll.com/cm/index/ Frame 61DD 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.140.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-140-211.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
setuid
sync.quantumdex.io/ Frame 61DD 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc90fff072a-LHR
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 82BD
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=gyokKIR6cC-YLyV5gCw7foUrdHWYfXN5hHrK5TJL
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=gyokKIR6cC-YLyV5gCw7foUrdHWYfXN5hHrK5TJL
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc9cd3a72bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xi0nJlyfgBkNtRhMS9nnZSrX1jJnseEEqFv0D4FvXpHK4nI2QyrNm5h1VzdbmS6rFJQj6x5YttFRrOXBaB0aF2nnbouB8O9Ilx44XQ0XyEQf1uFZ93zJ3%2BR%2Bewg%2FsspTrkNuy4vJwyZGUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=gyokKIR6cC-YLyV5gCw7foUrdHWYfXN5hHrK5TJL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
bridge
cm.adgrx.com/ Frame 82BD 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-9
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 82BD
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=f60195a1-bfd4-4bda-ae37-3f0eb6c17076
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=f60195a1-bfd4-4bda-ae37-3f0eb6c17076
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc9cd3972bb-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rq3KJkP%2FbASpjwIcxWvrEgzQalsRTm4gJM72ZeHrFx0ZCjNQyYuu0hrA1PmmcZ2%2BEifCSHofpq7fTmOWSX1fvYLlt6lAVS1uxw4elGJyHOPx8vAsKJhZ%2F3nnmccP3MYL7i%2FDdy2ED2NWg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=f60195a1-bfd4-4bda-ae37-3f0eb6c17076
date
Fri, 23 Sep 2022 02:42:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 82BD
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8aa1b76e-b98e-4df6-9b80-8d84d9dff15c&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8aa1b76e-b98e-4df6-9b80-8d84d9dff15c&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yl1UE4ByNlxqtFuzSTTKX0u49VJuup7IuFn2z7JjHii%2FFySZILZTWHTVcdyFxtO%2FTwsXacl5GhsmxxsdtWgBQSs3xP0uj%2ByEEDFBYprfV3IaMSKWkV%2FV%2BlqGISLKXrGfimwFRiMpzi9%2FCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
74efecc9ed4572bb-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8aa1b76e-b98e-4df6-9b80-8d84d9dff15c&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc989767529-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
crum
dsum.casalemedia.com/ Frame 82BD
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a7b44941-77f5-3a11-02f642d6
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a7b44941-77f5-3a11-02f642d6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecca59e9406c-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ju4yxrxBRLbn7lQzgpBWPqxgSS8BPQUD9VXEgymHTubmw9dys5nHPC1vc09ojMURhBLkz%2Bjv9NgLGbBa25p7Z3%2FG0Tz6Bfr65IZOtiKKQMKwGvrvdi8r%2FTA3RjvM0yNOib64RScA"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 23 Sep 2022 02:42:04 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a7b44941-77f5-3a11-02f642d6
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum.casalemedia.com/ Frame 82BD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6417679249573876566
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6417679249573876566
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74efecc9e9a6406c-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2zUEXAy9lrpJOqoWM3maNIycVgv5OuXQGBLkmEtxj%2FsCsOtFNc28OiqoO4EVs%2FfU5m0OsiW66jCu9jyidpbJxhV2qiQDg%2FjWXNUmgs3T7Q7DCWTHAj8Dw1c8NqYk2yJbaGFRuPY"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
afae21d7-459f-473e-a008-5f3b3cdca9bf
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6417679249573876566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 82BD 		43 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Yy0c.o4NIzgj8LvklyoAUwAA%264393&gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:04 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1663900924400007-598
Expires
Fri, 23 Sep 2022 02:42:04 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 82BD 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.144.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-144-255.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:05 GMT
Server
gunicorn
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 82BD 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Yy0c-o4NIzgj8LvklyoAUwAAESkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74efecc9180e072a-LHR
content-length
43
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/ Frame 87E8 		30 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C22587791099%2FDFP_APAC_Parent_First_AdBreak%2Fellipsis_dfp_subject_v_pre_1&description_url=https%3A%2F%2Fsubject.com.ua%2F&tfcd=0&npa=0&correlator=1494821628612202&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fsubject.com.ua%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26openx_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2401209937&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&media_url=blob%3Ahttps%253a%2F%2Fsubject.com.ua%2Fe19e5098-2b0a-45c7-a7dc-f161fa9195d0&sid=7FCEC3D9-0A15-4782-999F-E2AF12ABFA94&nel=0&eid=44748969%2C44752052%2C44754420%2C44760950%2C44765701&dlt=1663900919813&idt=2813&dt=1663900924301&cookie=ID%3D19e2d9fdbae31907%3AT%3D1663900920%3AS%3DALNI_MY6CSwgJ_pyPZGXrpKAfdJ5aGpvzQ&cookie_enabled=1&scor=1338455393682993&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdc74ae324785ad94ab1e4c669fda7f73600705f8e43c095ee139a755c0369fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6992
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4CBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=509853208158296&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame C06D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:42:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83786
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Sat, 24 Sep 2022 01:58:30 GMT
usync.js
eus.rubiconproject.com/ Frame 51E2 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:42:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83786
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Sat, 24 Sep 2022 01:58:30 GMT
usync.js
eus.rubiconproject.com/ Frame CB77 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:42:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83786
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Sat, 24 Sep 2022 01:58:30 GMT
usync.js
eus.rubiconproject.com/ Frame 3A1A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:42:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83786
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Sat, 24 Sep 2022 01:58:30 GMT
usync.js
eus.rubiconproject.com/ Frame 4F6C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:42:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83786
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Sat, 24 Sep 2022 01:58:30 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 576E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 23:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 23:30:01 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		372 KB
372 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash
4b5bdc8b09debc3ea3e777a7ea40f27569cc293a737084a9633917a37b4f09f5

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=889240-1269751

Response headers

Date
Fri, 23 Sep 2022 02:42:04 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.20.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 889240-1269751/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
380512
Expires
Sat, 23 Sep 2023 02:42:04 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Fri, 23 Sep 2022 02:42:04 GMT
Expires
Sat, 23 Sep 2023 02:42:04 GMT
Server
nginx/1.20.1
khaos.jpg
token.rubiconproject.com/ Frame C06D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 51E2 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame CB77 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 3A1A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 4F6C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/jpg
generate_204
tpc.googlesyndication.com/ Frame 576E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1S3w0w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame CB77 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Content-Type
image/gif
vast
bid.g.doubleclick.net/dbm/ Frame 87E8 		32 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BLoaujsmUw6SDp0s8bIwvEg4DPHot3WxRJXM9GwQduDEU9uUkztOXrW3AbCr-BJbcjCqacZtVbo8ML-XOLN0r3YV6D6g&cry=1&dbm_d=AKAmf-DbroSYwCwUNicIzFts9cm4eNsqgtpBbIKPaeJSf410KWtTxkbCi9oKhXeb1N2uFJpGpf-9qsPI65nqULuWBr2Y3Vn3YFAPthBk-eHHwsuV2U3kgPCW_iGKn-4hkLsy414X_6cNgs5mdKtY0-Vc0YNIGJEY-1Lavag6PPjkf5x154ZkmNxHyrX-ugXj94480fmSwMGd9j1KkLp2AlsSfWIrLb8JDq3ZUjzUIiZIWngomsetawa73GAODEIlKsqnTtKOB6cqlBtQ6evHcbwqJp1Loj17uZc76rUEBwPNVB0kgnqfICPzRwC0Bzz0_xVweEzvMHbwnGKl6Jpxcd6VgBUBeYa0BkzRF_n2zbV4NDjWywhMndIj_5zFQ6gAYqauRT3Zingieg4zMVxordVhh2JNQs1V8VIL9s23sCzz8v_2VamvbX7aIA73QvhQjac72VeoFkAukjigZskrqZyyenIg_zzABBlq2HjEKlVP2ZKPWxuvUay8XDtbPHFa9v07bk_dILme7SnkpS7K-MBTh6Pagq01YK_7gMTusl8WJ5qKVrhpP5AYhHTtzjrdU097yLdBUnXaSW0Nsyp_ubBaB0dtl0s-0DT3DQN6xdmG6eOQDymNETo206ZImnl_-mP_zRnOp2WvN6hqu1fcNbhpf9zDboquF7rQl7duqVq83-w9adnXR1UVojFrmnTl0KWqMmxaRM_Dtx_5A0D-LGgHNbeShwVsRMKQLA6WsSf6eltnjZooEt1mmVuG1BilPgix7fDdmampztn0ng5L-OQuxk0OBoObGEqduDKJ7xNMn6QdwQGUEezfOw_EPMYqosdeoIgFoO133ZTR_uQeICw2LeAMPlrYFA192lLV3FSx1mq9ITiC_ENueu2AJ1Wp27FAp_Sw96NPXN7bQl6Ensf_XxdX5saHWc2FMHUK9Tdybgz6XamIR5KgxGm9sOheDlC0Df1b_1NOf095ILWj3b86SYI_808zHYL89K_1pOHFh4Zw-W5_aDNj_k76GQkcoojORhSAHQwdCJ0Qqdtj-rlGWqHBS6JRJOehhW9K5uR2oiLzjeeZNQkiuu9wLIJ6Ukr_6uWY7UTP0QJJWT3WgWpbtKZC8ZS5wSCDjfKftnrYPSYc95ZSLQfAV5rL9lpCe2emWhIRVuaYef6ISa2ns9lwzpctQsVwebb1Vix0jAWuW1DExHgNhdGj9cZTFwTvXGgUDK3szyiA5eLHanP4k-Kt3JiaBhGGlIJ47su0IGOaYtv4QDBogGSQQWZ5L-ugM8dJTgWeCxGcY-QCyrFirC6x9UZAsWX3wpoTSf_ssSKK6feAtE6DfUUk0ls9DP62ZFQPRm3TQjrAaAWTPUqjx30YwTI3Lnlm1NXKYu5ndr8usm4BjxXnkpnlt_YccdxEC9TJnRvAC9MJWW2CK4pC3lYv9Z6IvHhlnL6ciuPmCQ9j4RBs0hg19MM9iiR0RMz0oENAJ1aqaNMn73FvuQqHiEKy7xBjDieEJv6q6qJVktoaI-GLFoGBFhGI6S5pGm3qvTQ7eVEDx1BFoZZsvoZJ7MonlP95KTAN0H5jFGoZDkyoWJbAxY1bb2fKIO2cj6uaxsTZNmm20JTOdTeQUwH5zLo96K7N7lKcyGCt0PkfOFtKcaim1yTkVjLTMVOXQ3IqClrW4jEyG6V-HUogR6pmU3gPZ63vL7mySih0o1-hg7FAYShwSQmR0Jpm8Tabgg_-Ge3yKHPCXrhEHOOBDlSmpGz3P5CyA8LwRCkYUkRp0z1d7EJIWcpV2QnXzCo5uANmsU-FS0a2EJ8rynFSkQ4HMOHj5b9uhwSrXgAcbMT-VnvJpyo6T3cuxKkkeNAAG3Q_4jsTm_hE_3u247IJPRqiYob98vbeRO79qyBJ2B1xgM8GVJZ8LT3LhfRn0e5ivfo2X9SZTNZllEEtw3ijxlyDk8jkyl91QZCJe_DNYyViKCtfqnaJnf4BVn_fRHBlObzDYLq64RF_sT-E14b6OOSI4xfLwFdjRSPbGPO4Wt_IMW9MuCfQiHWDubsxaQdRKZ2kK7or6DXw6V8Ypd1GpcXlhZwVOnG1SltHaavIJ3C_rEaRPHG947UKxabSjmukcWU7EWiduSp-7Z2ojKy7z55vnGe44WGDkLJbH4oUJh0s-rv_-jqhQi95BF214OEsohb4fAv7qWdNuuZwhyiHPfXH5CTl1rmfrdMiROPlAmeJKs8yQbdMnWEwtFZgB4BHnp4s38HJHargOXMKpCEnR6qpRO2DZaC9of1T_JW_dHVKOWsJs1ScQMrl34ZFCnJF8jbKXXFm71kx4atWoK3BuUgmwEHXdNr_6LOjZ7HHrs3jz9sNcwY3nRdXNhsUIhUy9_Qf0aXdgLnUsSHA20ZYd0ZtK4vaOfQZp0yFiGFyvdxjYGGJ4IGGJBg_BSuvYsmpOrYXMVM8cr8rGeTPaK1I6f3LLNgDQ9hhNXmbK6gSNpsFWZULoV_kQOTbVX-r-PrtwEF43Q3V6D8p65viRnglQucy_1FYv5xaZ25SLqb7JAseL7Ug1W0CyuamT2lbbJ6OxyjKitbDBLdysQYBCeSKXxkRjapsj7m3py8tP5qkjRXE_dha2NXy0ohoIYuDFNfvXJUSy2UX3fXzuMdRjHzhgo3FctkJmW2m9QBBbF3Xo6Jy6oCQfvntp3aW0Lo9gSjR71nY5PRt_kc1vaS9i1CgJhLPzQdc5JF9stJblCXC_UEHVvgORhgg2G74-gcc_O4wmgkGrmGakRar_ooucoUUGBc0GkJGqCBY2aNBATQ2rSGF-rvphQIuKLzcYWkJn0PxzqG9Fx-EjdxF37MJNZiQ1bQfjj327wsdj1RscAZXpYlGgf9AU9puWyTUL4n5eezeuvBKsHgTRNdCLHtY4L-30Co1ZcwRqDJ6jAQQ6yt2tUpcFycMWG9iq-FwaWvo4eNULa7n3lIym128PGXlQ5SLpfqmHX2vcOvddJQAR60m4kD2ecGfp7qgGjAtQS9NJ9AeGS_LNAEmthJSb2QojSMXfNdKGhSQN20BL8-to5dflEPgEXhrtUEP5v9949Jn2T1tbJq3AJ3-jCDLunz7OCBAUfUX0k9U3-suj24g6nA4k3v0JdzmbZNMCZc-273y4-W8DG2I5N8bHQba9mX5oBWmkgiFspzNHT8FUceep2PBxiTLqmi2oN1hQSU-roSElI5R0XXRYW372TO-3LS16kUNCkeyXYV4TZ_ZbHmkXH_W09bYV0qruqRDfwHeHKFi7dsZjP_Xr-vzXgy7ap7X8gSNghAdDuG00VZLWIPeY7Dxh6RGNmJL7L0mLWtoZshb6wBYbDDg7rtt3CHjUpK2IuJrpVrZzj7dcwdP8467VkBfKA27puuddm3uxJxZCOJoOIFFNo1lmx-zv7ZdiCnQDt6jLeiseuUNt7X9vFHIvOnv2x6HRVquJfVjV-8pDxM&cid=CAASJORobML3rUco9DBL2K0FR7n6hNL2oQkK18L_KGBPF5pES1FVlg&vpa=click&vpmute=0&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2401209937&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&media_url=blob%3Ahttps%253a%2F%2Fsubject.com.ua%2Fe19e5098-2b0a-45c7-a7dc-f161fa9195d0&sid=7FCEC3D9-0A15-4782-999F-E2AF12ABFA94&nel=0&eid=44748969%2C44752052%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fsubject.com.ua%2F&dlt=1663900919813&idt=2813&dt=1663900924705&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f157.1e100.net
Software
cafe /
Resource Hash
7d30f6a2e507666a47c241d5d08da97b05388eef0f55f872c2c105bb7da9c18c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16616
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		427 KB
428 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash
284429ccdc89fd7a58c118e3a020b14fb1043aef938875036adf5026f5b406c9

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=1269752-1707227

Response headers

Date
Fri, 23 Sep 2022 02:42:04 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.20.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 1269752-1707227/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
437476
Expires
Sat, 23 Sep 2023 02:42:04 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Fri, 23 Sep 2022 02:42:04 GMT
Expires
Sat, 23 Sep 2023 02:42:04 GMT
Server
nginx/1.20.1
dt
dt.adsafeprotected.com/ Frame 709D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153048&asId=3a94553b-3088-a17f-2c28-16af3ce6b3e1&tv=%7Bc:p0a5og,pingTime:1,time:2477,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:331%7D,%7Bpiv:100,vs:i,r:,t:1477%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:1477,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:331,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1159~0,0~100%5D,as:%5B1159~970.250%5D%7D%7D,%7Bsl:i,t:1477,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.504,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:108,fm:tidMHwr+11%7C12%7C131%7C14%7C15%7C16%7C1711%7C181%7C182%7C191%7C192%7C1a*.1153048-65870243%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:332,sis:578%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 709D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153048&asId=3a94553b-3088-a17f-2c28-16af3ce6b3e1&tv=%7Bc:p0a5oh,pingTime:1,time:2478,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:331%7D,%7Bpiv:100,vs:i,r:,t:1477%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1477,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:331,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1159~0,0~100%5D,as:%5B1159~970.250%5D%7D%7D,%7Bsl:i,t:1477,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.504,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:108,fm:tidMHwr+11%7C12%7C131%7C14%7C15%7C16%7C1711%7C181%7C182%7C191%7C192%7C1a*.1153048-65870243%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:332,sis:578%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
csi
csi.gstatic.com/ Frame 87E8 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l8dvncoh&c=2576454272549&slotId=1288227136274.5&qqid=CLzuq_zxqfoCFQIg4Aodi_UFkg&gqid=_BwtY8jZGI_3gQfD3KDoDg&fb=ima_html5-lima&sdkv=h.3.532.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&ghmsh_eids=44748969%2C44752052%2C44754420%2C44760950%2C44765701&wta=1&vmfc=17&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:808::2003 Highland Park, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 87E8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5fKM_BwtY7yAG4LAgAeL65eQCdy_-5RsoZ7k2oIP8C4QASDl8Zx-YLuGgIDQCqAB48runCjIAQWoAwHIAxOYBACqBL0CT9BHolxa8UQkPu-diqcXj6mc3i258kLekvDGRA7paRljCp1RED6J2r4XqFZOSrVE7Soyhdk3mwU-07oeNt5Zcn3qxP2hCNSl_FACv39QZkBZq3UpJZMXUlh9DXTK0dh0coaOmaU28lmmllAB-GHcOjLAxV6h4-9PpBLDB1k_e5OOQtpRcBQjUmH7ZNk745ixWLzWteBGuLxYuvBpHy4LHP5T0fb_nQOUA6bLZt7cWDqPg4AN-cVpW_1tSZww9UOAB0sbEPud8x6GKn1yVphKTco8aK2dHQl0FKOTKSuzB1ndhGv3_64dx3pwmKKYeNrGmaJcRz8rpyFbSOk-SaDoppOfqlg95hLkPDYUCavBIdf9TbK-xcl-3LIR5lG6RQlGAkM8W6nj-uLysap-beXfi9dGfS6uqR8EDep00D3ABNW4hp3fA-AEA5AGAaAGToAH44K__AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgOYCwHICwGADAGwE-ezyBDQEwDYEwqIFAfYFAHQFQH4FgGAFwE&sigh=gEtCO_oEx6E&label=show_ad&sdkv=h.3.532.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgxNjQ0MTY1MjRA-AIKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTE1OTE4NzgyCTE2NDMxOTM0NEC3AVIzCN4HEA8lAADwQSgBOgsxNjQzMTkzNDQtMUIER0RDTVAAWhBRZmw2Q1B3bGZxLUJKQmpIGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 87E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CaQQ3_BwtY7yAG4LAgAeL65eQCdy_-5RsoZ7k2oIP8C4QASDl8Zx-YLuGgIDQCqAB48runCjIAQWoAwGYBACqBLoCT9BHolxa8UQkPu-diqcXj6mc3i258kLekvDGRA7paRljCp1RED6J2r4XqFZOSrVE7Soyhdk3mwU-07oeNt5Zcn3qxP2hCNSl_FACv39QZkBZq3UpJZMXUlh9DXTK0dh0coaOmaU28lmmllAB-GHcOjLAxV6h4-9PpBLDB1k_e5OOQtpRcBQjUmH7ZNk745ixWLzWteBGuLxYuvBpHy4LHP5T0fb_nQOUA6bLZt7cWDqPg4AN-cVpW_1tSZww9UOAB0sbEPud8x6GKn1yVphKTco8aK2dHQl0FKOTKSuzB1ndhGv3_64dx3pwmKKYeNrGmaJcRz8rpyFbSOk-SaDo_pItwFAXBiB2j7nZGwsMMCp1bnM29COmwljh3HCwwQBvGuP1m7cJAFzan7LMiHX8Sn3XVQK2GKXRH0rABNW4hp3fA-AEA4gF0ZfjpTiSBQYIAxABGAGSBQsIIhAFGAFIm_OhAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH44K__AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHCxCA-qMDGIWey7kB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgPICwGwE-ezyBDIE_G42N4D0BMA2BMKiBQH2BQB0BUBgBcBshceChwIABIUcHViLTI0MDMwMTgyMjY0MDQyMTMYjLV3&sigh=zQZNhfAWEJo&cmd=Ch1jYS12aWRlby1wdWItMjQwMzAxODIyNjQwNDIxMxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwCsnQUxMBiatBJM4zX1ALaLmxspYsr227ZyUNm26fggLVWS6lcTYiGb4ts1dR2PijOMdO7PYOIf1ayP&vt=10&sdkv=h.3.532.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgxNjQ0MTY1MjRA-AIKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTE1OTE4NzgyCTE2NDMxOTM0NEC3AVIzCN4HEA8lAADwQSgBOgsxNjQzMTkzNDQtMUIER0RDTVAAWhBRZmw2Q1B3bGZxLUJKQmpIGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l8dvnbd6&c=2576454272549&slotId=1288227136274.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:808::2003 Highland Park, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
48
r1---sn-aigzrnse.c.2mdn.net/videoplayback/id/5db1eac27086f9e0/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785848883/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/5db1eac27086f9e0/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785848883/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r1---sn-aigzrnse.c.2mdn.net/videoplayback/id/5db1eac27086f9e0/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785848883/sparams/acao,ctier,expire,id,ip,ipbits,i...
4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigzrnse.c.2mdn.net/videoplayback/id/5db1eac27086f9e0/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785848883/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0F32FB356062020544816FB9788BDFBC71C072AE.1FC0B874C45E57C214F12B4255B0BD376C03C298/key/cms1/cms_redirect/yes/mh/Uh/mip/2001:ac8:21:e::8/mm/42/mn/sn-aigzrnse/ms/onc/mt/1663900622/mv/m/mvi/1/pl/48?cpn=Qfl6CPwlfq-BJBjH&file=file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4009:14::6 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:42:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Jan 2022 16:41:23 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-4454554/4454555
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4454555
Expires
Fri, 23 Sep 2022 02:42:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-aigzrnse.c.2mdn.net/videoplayback/id/5db1eac27086f9e0/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785848883/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0F32FB356062020544816FB9788BDFBC71C072AE.1FC0B874C45E57C214F12B4255B0BD376C03C298/key/cms1/cms_redirect/yes/mh/Uh/mip/2001:ac8:21:e::8/mm/42/mn/sn-aigzrnse/ms/onc/mt/1663900622/mv/m/mvi/1/pl/48?cpn=Qfl6CPwlfq-BJBjH&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
673
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		348 KB
349 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash
773cc6770aff186c7b9f766d128a51a138acc3700723cc57779272fbceeba337

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=1707228-2063863

Response headers

Date
Fri, 23 Sep 2022 02:42:05 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.20.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 1707228-2063863/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
356636
Expires
Sat, 23 Sep 2023 02:42:05 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Fri, 23 Sep 2022 02:42:05 GMT
Expires
Sat, 23 Sep 2023 02:42:05 GMT
Server
nginx/1.20.1
async_usersync
ib.adnxs.com/ Frame 33AD 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:05 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
70f1e0ef-977d-4bde-bcca-883dec72c567
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B788 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:05 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
316ace9b-7987-414a-8a11-5c836e8d6607
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7D73 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:05 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
60a10865-7228-43bf-a3a0-c90b57dff660
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=509853208158296&bg=!1tWl1ZHNAAYIxsuQKMY7ACkAdvg8WpXLmsCj3Y4cflBvoTgPG34U8SSjbsfuP_S51TM7TD13QCpwowIAAACGUgAAAAJoAQeZAqp2yJUoMhHwAHzb4jnQRpVHV1MyqNN4-L0aIHtny0-33LuCQLcSaX9T8I32MpKtbrcAiANMbvNI-1twoPNXo83KA_prfOIQayWHhVO6atOO8LwwMt6v-4SseahY9O0g04NDbFry_Ipd4fXKd5UsOolV9jAhmVM32tAKi1CYGIfxbcpOZRdFNV7vIDWuNMiS6MgPe4Nv5AkvA09meVL_u7Immv7mCABTzxTyZ2qymcyFZjNXn7_7OdlEnAUItLU2EBkVHvgG32HurCL7C9l5kClFKorgXK-XZomV-mljZ4ubEzM21l9A1aoD8NGRv_WcoXIDCkmg_QnpRNn4KbGTLQwWHITGBmniZuToZUvYpfUYNdGGWjwlJjt9FVk8Q7MMf7Umk0qRPA1DfzPuaG3Dl6aHCCRwpAxoAntjBWegBxKfGg3lvgqvudCdsMeU0uo2ph66CanO8faFFrX0BQ-HFaXcgcdL8rfXjqXDm_Kizz2Gi5C0B2RwfqrtQ89Lh7j-aPiwgXCB5_Dj3qkNOLc3xlHm02zv_HILUcJuHPPrrTgOWntB1CwE9SdqCfj2RXlu8clOdCTX7g5Z_PA6fZVW1tmkg6QufgCl-75-yuibPVHy_cQ1i6IxoRn6i7s5vRunUzYrkz0MU_zG3cE4DBaK5wQJz2Zlh2QA4pVPbD8VDH8HdB3APsfm1PyRzmg83QkuEp7cwq622f_ck_i-kkN1yuYAc6WH7VgN2M8yay40fFUOnpxCAwwXOaIOoZmvBRH7xrLOEoiPxGhqFIPoejAlXf9qxSAhOFMX16MynxdVLEGM5VCKS-b57hma5KjuJROCXuY5PKPKrErHlGhJoWL0J6QbOiyGSrqfJjoofGQrGfSRu11KOKKI0Hm-8OwpWVdNJ-CxTOkTVSQ_vlSh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame AD60 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:05 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e9df93d6-744a-4ba8-9c9d-bb963bfd0564
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B124 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:05 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b27dfff1-e3f2-4ae2-9fa1-f6d975a917d3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
localstore.js
script.4dex.io/ 		483 B
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1161638
x-amz-request-id
tx34b7e8c39cd344de80977-00631b6357
x-amz-id-2
tx34b7e8c39cd344de80977-00631b6357
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izxfbVj4qczfLSUnZlRczpD26TLA%2FNsV90Zc%2FTCSayAdQNsIFHG5Q2bhcIIvy9t42mW07MgTso3pLle56G3VUaGDA%2FxL709GIcSd1OQoua3JdsHyubKc0RBe4KcaHW8YDkVRrovObqduJf4g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1662739245697142
cf-ray
74efeccedec58877-LHR
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://subject.com.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Fri, 23 Sep 2022 02:42:05 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
c
prebid.a-mo.net/a/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:04 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
ROS
pbjs.e-planning.net/hb/1/2a156/1/subject.com.ua/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/subject.com.ua/ROS?rnd=0.23054899975019838&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24.0-pre&nc...
  • https://pbjs.e-planning.net/hb/1/2a156/1/subject.com.ua/ROS?ct=1&r=pbjs&rnd=0.23054899975019838&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.2...
489 B
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2a156/1/subject.com.ua/ROS?ct=1&r=pbjs&rnd=0.23054899975019838&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsubject.com.ua%2F&e_pubProvidedId=%255B%255D&e_pubcid=c1011268-e281-4c22-88ed-6aff85b7fc56
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
38561c5f3d4a119c5e4e70d91eb6dad76fa92d8e231eaaf8bdff54431a41aa87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:05 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://subject.com.ua
expires
Fri, 23 Sep 2022 02:42:05 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
489
x-sid
AMS-936

Redirect headers

date
Fri, 23 Sep 2022 02:42:05 GMT
server
openresty
location
/hb/1/2a156/1/subject.com.ua/ROS?ct=1&r=pbjs&rnd=0.23054899975019838&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsubject.com.ua%2F&e_pubProvidedId=%255B%255D&e_pubcid=c1011268-e281-4c22-88ed-6aff85b7fc56
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-936
openrtb
adx.adform.net/adx/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fastlane.json
fastlane.rubiconproject.com/a/api/ 		373 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39536&zone_id=1078218&size_id=10&alt_size_ids=17%2C32%2C54%2C67&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,74458,1,,,&rf=https%3A%2F%2Fsubject.com.ua&kw=Education&tg_i.ref=https%3A%2F%2Fsubject.com.ua%2F&tg_i.page=https%3A%2F%2Fsubject.com.ua%2F&tg_i.domain=subject.com.ua&tg_i.siteid=94876&tk_flint=pbjs_lite_v6.24.0-pre&x_source.tid=bbb8a06a-97f7-4975-b0e2-e72861c15ea6&l_pb_bid_id=10ac9c2f2f3847b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.021367360155615245
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7e5b35e170fa0ea667482b0a3a10fa2c2b08bbc10d03aa6aa728c147d9faebc6

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:05 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
373
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:05 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
adjson
ssp.otm-r.com/ 		2 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=240&h=400&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=142aceaebc63458&transactionid=bbb8a06a-97f7-4975-b0e2-e72861c15ea6&auctionid=c61726bd-7383-4026-8fee-b4bf6a06ed24&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.28.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.28.99.88.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
server
nginx/1.17.10
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/ 		2 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=250&h=360&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=142aceaebc63458&transactionid=bbb8a06a-97f7-4975-b0e2-e72861c15ea6&auctionid=c61726bd-7383-4026-8fee-b4bf6a06ed24&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.28.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.28.99.88.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
server
nginx/1.17.10
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/ 		2 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=600&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=142aceaebc63458&transactionid=bbb8a06a-97f7-4975-b0e2-e72861c15ea6&auctionid=c61726bd-7383-4026-8fee-b4bf6a06ed24&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.28.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.28.99.88.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
server
nginx/1.17.10
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/ 		2 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=1050&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=142aceaebc63458&transactionid=bbb8a06a-97f7-4975-b0e2-e72861c15ea6&auctionid=c61726bd-7383-4026-8fee-b4bf6a06ed24&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.28.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.28.99.88.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
server
nginx/1.17.10
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/ 		2 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=320&h=480&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=142aceaebc63458&transactionid=bbb8a06a-97f7-4975-b0e2-e72861c15ea6&auctionid=c61726bd-7383-4026-8fee-b4bf6a06ed24&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.28.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.28.99.88.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
server
nginx/1.17.10
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
/
prebid.smilewanted.com/ 		0
0
v1
ww1097.smartadserver.com//prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com//prebid/v1
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
pb
ad.360yield.com/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.181.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-181-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Fri, 23 Sep 2022 02:42:05 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
adjson
ads.betweendigital.com/ 		2 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
b1h.zemanta.com/api/bidder/prebid/bid/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.255 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://subject.com.ua
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
38407335479100007e0493b032b282f32873ba50ca97af1c65c4744db4bd0bdf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 02:42:05 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
299f7456-7be0-44ba-8185-7f48e63202ce
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ 		114 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4443a934c7caf5b36d6c6471929673f3d4f44e37a093206fd198760c1011d83

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
74efeccf0d7c7562-LHR
pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: 26323
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
x-err
Shapings: no adunits with size and seat and mapping
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		446 KB
446 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash
1b3880b4d7a8f4a2bc3824f8eaa69c4a65ee91d9010e2a3f925f5f28fb76b0f6

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=2063864-2520327

Response headers

Date
Fri, 23 Sep 2022 02:42:05 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.20.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 2063864-2520327/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
456464
Expires
Sat, 23 Sep 2023 02:42:05 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.42.79 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5011080.ip-15-235-42.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Fri, 23 Sep 2022 02:42:05 GMT
Expires
Sat, 23 Sep 2023 02:42:05 GMT
Server
nginx/1.20.1
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:42:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1160121
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx2474e230b96f450b81d26-00631b6374
x-amz-id-2
tx2474e230b96f450b81d26-00631b6374
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"831813ee9b2fc0d248741417a0e3b488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ef%2BlNHTTnVyeOr8Bd7ZIzkd36%2B%2B%2BVesCbtxKDYvQnqlfHFyJME6brcVQCPy7HeCwLLXqOVBJhvleisxDxMJE0k3Lgt0XquDB4R9e9RkKz%2BKz8T3QwnyKZiLLhE%2B3ejGDChg91mq5b2g6i8%2Bb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1662739245061580
cf-ray
74efeccf7c15889e-LHR
access-control-allow-headers
Authorization
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 87E8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5fKM_BwtY7yAG4LAgAeL65eQCdy_-5RsoZ7k2oIP8C4QASDl8Zx-YLuGgIDQCqAB48runCjIAQWoAwHIAxOYBACqBL0CT9BHolxa8UQkPu-diqcXj6mc3i258kLekvDGRA7paRljCp1RED6J2r4XqFZOSrVE7Soyhdk3mwU-07oeNt5Zcn3qxP2hCNSl_FACv39QZkBZq3UpJZMXUlh9DXTK0dh0coaOmaU28lmmllAB-GHcOjLAxV6h4-9PpBLDB1k_e5OOQtpRcBQjUmH7ZNk745ixWLzWteBGuLxYuvBpHy4LHP5T0fb_nQOUA6bLZt7cWDqPg4AN-cVpW_1tSZww9UOAB0sbEPud8x6GKn1yVphKTco8aK2dHQl0FKOTKSuzB1ndhGv3_64dx3pwmKKYeNrGmaJcRz8rpyFbSOk-SaDoppOfqlg95hLkPDYUCavBIdf9TbK-xcl-3LIR5lG6RQlGAkM8W6nj-uLysap-beXfi9dGfS6uqR8EDep00D3ABNW4hp3fA-AEA5AGAaAGToAH44K__AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgOYCwHICwGADAGwE-ezyBDQEwDYEwqIFAfYFAHQFQH4FgGAFwE&sigh=gEtCO_oEx6E&label=video_ad_loaded&sdkv=h.3.532.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgxNjQ0MTY1MjRA-AIKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTE1OTE4NzgyCTE2NDMxOTM0NEC3AVIzCN4HEA8lAADwQSgBOgsxNjQzMTkzNDQtMUIER0RDTVAAWhBRZmw2Q1B3bGZxLUJKQmpIGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 87E8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 08:58:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 08:58:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 87E8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 87E8 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4EblEsdlbNqkYhtXpmkHAYxUErS9J4BAKGqa3-3sxs_vZA1Nv-aP9LdktY9BW8yrLOQqxGrKtfhv-UtN5wuh_t53fxkknG3pSgdY1KrrS60XVjWS1yx3VH6qO8vIROPQqFn-mVgGN_CoqGsxIu0-m7p2AZCjlCe8VOEJ6sEmQgeqQHIiE4UcrhK_tPJdPzpI1PtdGl0fG-miNCdvXKKSZUOOT6yZtb-Ombt4LfxYq8g4weh49AqFZR-HIgeo7fW41PoXTnQiL72r-obwI2QoR22-9iwFXk5Y0KqPdtVYU7dTFwBD930W4A6LG4N9RKp_DFoOtpnqR8B3YfpQjjFs3PAxUtHydDNbtbFWb2RA7tTIP1cJmPnmF4Q50eCgqUpFwOwBQaBVHCu-q9R8iI3uatyHb28AK6yGXzU4YrQR3BBIqBRTBcMPeyH6605zup4E85KpvVkXhN5XfDEUTwJ9YNgnCOEsrzNhGS7987ywnFc_rAhjP8Yc29O3Tu50vi-BnNFrSg-B7gb7x7OsTP-a3WmyWCJshQOX4oyxKvTYB0r3ei6DB8pRlJCRDh4Ak3ws19JK1O2n_wZfKFG8fiE4rEZjyVsbPfwyo8GiDSqlMlKOGwLDRebimMK4lEAoseC4IIM05VI6GZOmT2u0INBpse8yIiG2O2JK3Vb7sTMoy4cnL8e2lF2aVYFkt3gjMfPoXCQvVVnCxmBiuitFQtJ5G_NNH-HdGTih81Q4ouNsW_kSv1IyDZemkser9uQUPVW7k_Cr67UBFcuGF5O0qXxAK1z1ITP3RHJt0DzYheVnVU1qW-8Z4JScbrIszegFEJ4dZjQp7Nv0j13z7hFUUqEY7MrqNpFq7CPMMKA_BApuv9eCUl85aZsPgqn6c6dQYAxhGM7Y31V6gEHllIK-b8JjQypimgUWvMlE0eSbPI60qfN9ZWUo3cOW13iZ7ivLFok5ILfo9qTMpp4d5jT7M2W2dhAbWQN8BaGbldUGjaamkHA8QwJi1BJVgTS19As0m2S9ygYSk2q6yvXZVooYivYKgkzsorrCXJFBC2yLx0hCQyegFRg_cRaVgJNc72IzBSBq6TfVmemKnkjTbbiXt1t-UtkfK0KeIyR4FaH02X7lj4jAgOU_ncRHZuMifs2_C9LcdNfsLIbZtl4KjnzJGIAvEcifRyVEjoZ-LiS0wvvZ3LA2QULwOaBQJEUxp1f8jp3yOYt05z5ICzBedzPalwNks8_yZnwGfyU47VRRyvOLi7P9ul7SusSzOygx91CAFYRa_k44vBnMuImPINxw7kB26VebOqkCzXswT9PZUEeWbOXRPqj1yend1Pv6Zdh4QIaBz1-Xwqn11ztOfiXt2aEeg2eKRmjooNP1lvA2H&sai=AMfl-YSEJRB3MgUWv4OF2J9nwyh_gq_WpO1_Co3R3vpKQEsSrDtOnL61_CiKB2kHeZuR5r_q3rOrARyjoEV6x-lkIDdKrabGbqH6kOud1mYlsOky0f7czkfC1UbrLcx4ZDXlBLwkGD_ITx6TPeASPHbFWiTin4NC94qRocwrP48JmbLOBLNF3I5Rxb_3lIBYnzr5qtwMxlFDpfGAzFNcEmh6ug&sig=Cg0ArKJSzCI4SeQ40nNhEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.532.0&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 23 Sep 2022 02:42:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 87E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDryqX-AhiFnsu5ASABMAE&v=APEucNVrvum04fWX63dFQSgucVd7WlsT9jiXZD1d7ZvYbVi4PBIBXWx79hrGBiTG2lbaMJ3GMy87PF7owFh6v8By2TStUub_dQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 87E8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5fKM_BwtY7yAG4LAgAeL65eQCdy_-5RsoZ7k2oIP8C4QASDl8Zx-YLuGgIDQCqAB48runCjIAQWoAwHIAxOYBACqBL0CT9BHolxa8UQkPu-diqcXj6mc3i258kLekvDGRA7paRljCp1RED6J2r4XqFZOSrVE7Soyhdk3mwU-07oeNt5Zcn3qxP2hCNSl_FACv39QZkBZq3UpJZMXUlh9DXTK0dh0coaOmaU28lmmllAB-GHcOjLAxV6h4-9PpBLDB1k_e5OOQtpRcBQjUmH7ZNk745ixWLzWteBGuLxYuvBpHy4LHP5T0fb_nQOUA6bLZt7cWDqPg4AN-cVpW_1tSZww9UOAB0sbEPud8x6GKn1yVphKTco8aK2dHQl0FKOTKSuzB1ndhGv3_64dx3pwmKKYeNrGmaJcRz8rpyFbSOk-SaDoppOfqlg95hLkPDYUCavBIdf9TbK-xcl-3LIR5lG6RQlGAkM8W6nj-uLysap-beXfi9dGfS6uqR8EDep00D3ABNW4hp3fA-AEA5AGAaAGToAH44K__AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgOYCwHICwGADAGwE-ezyBDQEwDYEwqIFAfYFAHQFQH4FgGAFwE&sigh=gEtCO_oEx6E&label=vast_creativeview&ad_mt=0&acvw=sv%3D935%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2369%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D848613229%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1663900920907%26ptlt%3D1663900925328%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.18%26t%3D1663900924930&sdkv=h.3.532.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgxNjQ0MTY1MjRA-AIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTE1OTE4NzgyCTE2NDMxOTM0NEC3AVI2CN4HEA8lAADwQSgBOgsxNjQzMTkzNDQtMUIER0RDTUiMA1AAWhBRZmw2Q1B3bGZxLUJKQmpIGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI7MrC_PGp-gIViTsbCh0BZguZEAAYACDwoK1OQhMIvO6r_PGp-gIVAiDgCh2L9QWS;met=1;acvw=sv%3D935%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26...
ade.googlesyndication.com/ddm/activity/ Frame 87E8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7MrC_PGp-gIViTsbCh0BZguZEAAYACDwoK1OQhMIvO6r_PGp-gIVAiDgCh2L9QWS;met=1;acvw=sv%3D935%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2369%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D848613229%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1663900920907%26ptlt%3D1663900925329%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1663900924930;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 87E8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBxyomwsP_6JTN6EvbYU49hAF6B1DxkxjqNJANvQYWo4glsfgKLdtKb_qS_6QRbJGpd1TqIVna9lEZhZUuEIhpAhPEQAd47RCFLlG3zuwT5x7NwZRoRHGlt7S_yhokGiK0TziixQ&sai=AMfl-YStGlqK2Oz0umzblbLJ4_wVTeuM2m66S9P_oef3aCy-uWanFVRKh_bEC4KufYsEgf1Ea9xZAdy2P8ZdEBn-Zhxjpciu0Bl4ERrkzVJI88OdACUaks4HVbDfYWA&sig=Cg0ArKJSzAcMMZekf6weEAE&cid=CAASJORobML3rUco9DBL2K0FR7n6hNL2oQkK18L_KGBPF5pES1FVlg&id=lidarv&acvw=sv%3D935%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2369%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D848613229%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1663900920907%26ptlt%3D1663900925329%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1663900924930&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI7MrC_PGp-gIViTsbCh0BZguZEAAYACDwoK1OQhMIvO6r_PGp-gIVAiDgCh2L9QWS;met=1;acvw=sv%3D935%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26a...
ade.googlesyndication.com/ddm/activity/ Frame 87E8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7MrC_PGp-gIViTsbCh0BZguZEAAYACDwoK1OQhMIvO6r_PGp-gIVAiDgCh2L9QWS;met=1;acvw=sv%3D935%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2369%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D848613229%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1663900920907%26ptlt%3D1663900925330%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1663900924930;dc_rfl=0,https%253A%252F%252Fsubject.com.ua%252F%240;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 87E8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5fKM_BwtY7yAG4LAgAeL65eQCdy_-5RsoZ7k2oIP8C4QASDl8Zx-YLuGgIDQCqAB48runCjIAQWoAwHIAxOYBACqBL0CT9BHolxa8UQkPu-diqcXj6mc3i258kLekvDGRA7paRljCp1RED6J2r4XqFZOSrVE7Soyhdk3mwU-07oeNt5Zcn3qxP2hCNSl_FACv39QZkBZq3UpJZMXUlh9DXTK0dh0coaOmaU28lmmllAB-GHcOjLAxV6h4-9PpBLDB1k_e5OOQtpRcBQjUmH7ZNk745ixWLzWteBGuLxYuvBpHy4LHP5T0fb_nQOUA6bLZt7cWDqPg4AN-cVpW_1tSZww9UOAB0sbEPud8x6GKn1yVphKTco8aK2dHQl0FKOTKSuzB1ndhGv3_64dx3pwmKKYeNrGmaJcRz8rpyFbSOk-SaDoppOfqlg95hLkPDYUCavBIdf9TbK-xcl-3LIR5lG6RQlGAkM8W6nj-uLysap-beXfi9dGfS6uqR8EDep00D3ABNW4hp3fA-AEA5AGAaAGToAH44K__AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgOYCwHICwGADAGwE-ezyBDQEwDYEwqIFAfYFAHQFQH4FgGAFwE&sigh=gEtCO_oEx6E&label=part2viewed&ad_mt=0&acvw=sv%3D935%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2369%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D848613229%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1663900920907%26ptlt%3D1663900925330%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1663900924930&sdkv=h.3.532.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgxNjQ0MTY1MjRA-AIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTE1OTE4NzgyCTE2NDMxOTM0NEC3AVI2CN4HEA8lAADwQSgBOgsxNjQzMTkzNDQtMUIER0RDTUiMA1AAWhBRZmw2Q1B3bGZxLUJKQmpIGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI7MrC_PGp-gIViTsbCh0BZguZEAAYACDwoK1OQhMIvO6r_PGp-gIVAiDgCh2L9QWS;met=1;acvw=sv%3D935%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D9,0,0,0,0%26mtos%3D9,9,9,9,9%26...
ade.googlesyndication.com/ddm/activity/ Frame 87E8 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7MrC_PGp-gIViTsbCh0BZguZEAAYACDwoK1OQhMIvO6r_PGp-gIVAiDgCh2L9QWS;met=1;acvw=sv%3D935%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D9,0,0,0,0%26mtos%3D9,9,9,9,9%26amtos%3D0,0,0,0,0%26mcvt%3D9%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D9%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D9%26dfvs%3D9%26dvpt%3D9%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2369%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D848613229%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1663900920907%26ptlt%3D1663900925333%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,9,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1663900924930;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 87E8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5fKM_BwtY7yAG4LAgAeL65eQCdy_-5RsoZ7k2oIP8C4QASDl8Zx-YLuGgIDQCqAB48runCjIAQWoAwHIAxOYBACqBL0CT9BHolxa8UQkPu-diqcXj6mc3i258kLekvDGRA7paRljCp1RED6J2r4XqFZOSrVE7Soyhdk3mwU-07oeNt5Zcn3qxP2hCNSl_FACv39QZkBZq3UpJZMXUlh9DXTK0dh0coaOmaU28lmmllAB-GHcOjLAxV6h4-9PpBLDB1k_e5OOQtpRcBQjUmH7ZNk745ixWLzWteBGuLxYuvBpHy4LHP5T0fb_nQOUA6bLZt7cWDqPg4AN-cVpW_1tSZww9UOAB0sbEPud8x6GKn1yVphKTco8aK2dHQl0FKOTKSuzB1ndhGv3_64dx3pwmKKYeNrGmaJcRz8rpyFbSOk-SaDoppOfqlg95hLkPDYUCavBIdf9TbK-xcl-3LIR5lG6RQlGAkM8W6nj-uLysap-beXfi9dGfS6uqR8EDep00D3ABNW4hp3fA-AEA5AGAaAGToAH44K__AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgOYCwHICwGADAGwE-ezyBDQEwDYEwqIFAfYFAHQFQH4FgGAFwE&sigh=gEtCO_oEx6E&label=admute&ad_mt=0&acvw=sv%3D935%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D9,0,0,0,0%26mtos%3D9,9,9,9,9%26amtos%3D0,0,0,0,0%26mcvt%3D9%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D9%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D9%26dfvs%3D9%26dvpt%3D9%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2369%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D848613229%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1663900920907%26ptlt%3D1663900925333%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,9,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1663900924930&sdkv=h.3.532.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgxNjQ0MTY1MjRA-AIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTE1OTE4NzgyCTE2NDMxOTM0NEC3AVI2CN4HEA8lAADwQSgBOgsxNjQzMTkzNDQtMUIER0RDTUiMA1AAWhBRZmw2Q1B3bGZxLUJKQmpIGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:05 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:05 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:05 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:05 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 02:42:05 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=event&_s=11&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=video_loaded&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=593095072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25419
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=event&_s=12&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview_match&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=1491874664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25419
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=event&_s=13&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview_match&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=1943420459
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25419
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 2E5E 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
118344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 17:49:41 GMT
expires
Thu, 21 Sep 2023 17:49:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame 2E5E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 22:13:52 GMT
/
api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 23 Sep 2022 02:42:05 GMT
Server
nginx
X-IPLB-Request-ID
D98AC46B:A180_335B3C26:01BB_632D1CFD_11F13EF9:26F39
Content-Length
0
X-IPLB-Instance
42214
/
api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Date
Fri, 23 Sep 2022 02:42:05 GMT
Server
nginx
X-IPLB-Instance
42214
X-IPLB-Request-ID
D98AC46B:A180_335B3C26:01BB_632D1CFC_11F13CED:26F39
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E5E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.532.0&bgai=B9d50_BwtY-zcMYn3bIHMrcgJAAAAADgB4AQC&bg=!zs2lzYnNAAYIxsuQKMY7ACkAdvg8WjAJJbhAQ_S_3K1gcFRbytQ_TwZDT_Zk4bdSoKc_0U-3oTB1GgIAAACsUgAAAAJoAQeZAs7EOgPCW91HczvHRR3qzcMPckj9pnZ8DM6pcRN_5V2fKm_O-0I-q7DH6ISNQpJ4_m_ezZ7mboNu3ThA5jhWkk6cmzcBK2K7zUgP2C1FWtDlsKJ9W26-KjqRy7qp1HGcGwOykxgEteWtLM0mj_TqM4xJB5Lsf87UJdqV95DBAFuKvxjNYQNeWH08gcbURA_QpdVuA_6vTBs0IP4s2Pk3GF8gRZTPhVKZtiXuiRWk5uAhnV_PvEgorCtlTI67jGDozMCynohRtVb04wOgDOXm49Qwy_JNoxeHUZdSf1Y00zMkyHR8GYOBFT84Xi8sgfikyyUc7HHjsGtUoODIvKgfSlU580iGoej9sfIbonfCYRLfG9MGaU5A6DldoEyyy5cShNNcjzFOEf5vDnSnIwISwJmDWtzTJJFvin7QRwvZvRAoEsSR7kihaoPyj_RGZoPRK2vrY0asIQL7nPtRzlnU-gOQgxHpo0QoTnT0WCCx-ejwAOkVryEVW_mT6jWsB65nZOQU6KvsW55kvPeuQnKxOQufFv-Sjir8KXeJMN_my1fPKEXhQ_MG54D_i1dRHqOyU_p0xkJy1FyYZjZbqjuJqOSiwdYuYdG-UI3LMzz0bw1dy8jf9pw2pL4EKe5zuTOJlCze692jwYY3fbp4iw2VG7Qz5PKkCWe42S3aKlb5M1eExIN-IunN659bfimdGBrJvhZQC3NJBI1gXKdWaMYbH1d12alk8L0xmUPmeIfahmVUYN_Sf9_JmE-KtQI9DpGLZnsaNx94ms_6eciHrddtI5KQ1U-1qFnSDjJS5Hlgg6PTCoMaGSjTR8oi_SqVuLBINBoQjBrCSPLJ5QzsdpUtdywdZVnotaQ3zGyh1IZDUZmD04eN6u2fonwDChGt-AqKuuj46d8TDTVctcRE91V6LWU6KZ4DN9LTORRuYg_LWoAuzjoivAYKcmHmXNAzpqDJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=731242311&t=event&_s=14&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=impression_video&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=829982774.1663900920&tid=UA-113932176-40&_gid=966592310.1663900920&gtm=2ou9l0&z=1269408862
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25421
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI7MrC_PGp-gIViTsbCh0BZguZEAAYACDwoK1OQhMIvO6r_PGp-gIVAiDgCh2L9QWS;met=1;acvw=sv%3D935%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D2057,0,0,0,0%26mtos%3D2057,2057,...
ade.googlesyndication.com/ddm/activity/ Frame 87E8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7MrC_PGp-gIViTsbCh0BZguZEAAYACDwoK1OQhMIvO6r_PGp-gIVAiDgCh2L9QWS;met=1;acvw=sv%3D935%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D2057,0,0,0,0%26mtos%3D2057,2057,2057,2057,2057%26amtos%3D0,0,0,0,0%26mcvt%3D2057%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2057%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D620%26pst%3D428%26dur%3D30037%26vmtime%3D1840%26dtos%3D2057%26dtoss%3D1%26dvs%3D2048%26dfvs%3D2048%26dvpt%3D2048%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2369%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D848613229%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1663900920907%26ptlt%3D1663900927381%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2057,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.18%26t%3D1663900924930;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 87E8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBxyomwsP_6JTN6EvbYU49hAF6B1DxkxjqNJANvQYWo4glsfgKLdtKb_qS_6QRbJGpd1TqIVna9lEZhZUuEIhpAhPEQAd47RCFLlG3zuwT5x7NwZRoRHGlt7S_yhokGiK0TziixQ&sai=AMfl-YStGlqK2Oz0umzblbLJ4_wVTeuM2m66S9P_oef3aCy-uWanFVRKh_bEC4KufYsEgf1Ea9xZAdy2P8ZdEBn-Zhxjpciu0Bl4ERrkzVJI88OdACUaks4HVbDfYWA&sig=Cg0ArKJSzAcMMZekf6weEAE&cid=CAASJORobML3rUco9DBL2K0FR7n6hNL2oQkK18L_KGBPF5pES1FVlg&id=lidarv&acvw=sv%3D935%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D2057,0,0,0,0%26mtos%3D2057,2057,2057,2057,2057%26amtos%3D0,0,0,0,0%26mcvt%3D2057%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2057%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D620%26pst%3D428%26dur%3D30037%26vmtime%3D1840%26dtos%3D2057%26dtoss%3D1%26dvs%3D2048%26dfvs%3D2048%26dvpt%3D2048%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2369%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D848613229%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1663900920907%26ptlt%3D1663900927381%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2057,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.18%26t%3D1663900924930
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 709D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153048&asId=3a94553b-3088-a17f-2c28-16af3ce6b3e1&tv=%7Bc:p0a6qR,pingTime:5,time:6482,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:331%7D,%7Bpiv:100,vs:i,r:,t:1477%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5005,o:1477,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:331,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1159~0,0~100%5D,as:%5B1159~970.250%5D%7D%7D,%7Bsl:i,t:1477,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.504,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5006~100%5D,as:%5B5006~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:162,fm:tidMHwr+11%7C12%7C131%7C14%7C15%7C16%7C1711%7C181%7C182%7C191%7C192%7C1a*.1153048-65870243%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:332,sis:578%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:08 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 709D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1153048&asId=3a94553b-3088-a17f-2c28-16af3ce6b3e1&tv=%7Bc:p0a6qS,pingTime:5,time:6483,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:331%7D,%7Bpiv:100,vs:i,r:,t:1477%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5006,o:1477,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:331,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1159~0,0~100%5D,as:%5B1159~970.250%5D%7D%7D,%7Bsl:i,t:1477,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.504,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5006~100%5D,as:%5B5006~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:162,fm:tidMHwr+11%7C12%7C131%7C14%7C15%7C16%7C1711%7C181%7C182%7C191%7C192%7C1a*.1153048-65870243%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d%7C1e%7C1f,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:332,sis:578%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 02:42:08 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 23 Sep 2022 02:42:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
645091
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		0
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame FCED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 23 Sep 2022 02:42:11 GMT
ETag
"623de86a-cf34"
Expires
Sat, 24 Sep 2022 02:42:13 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 40DB 		611 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
611
content-type
text/html
/
csync.smilewanted.com/ Frame 1519 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.121 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
74efecf77e81dc2d-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 02:42:11 GMT
server
cloudflare
vary
Accept-Encoding
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 9755 		0
0
/
onetag-sys.com/usync/ Frame A8E4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1663900925234
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame C4B2 		281 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 02:42:11 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
spl.zeotap.com/ Frame F5B5 		0
0
prebid
b1h.zemanta.com/usersync/ 		0
0
sync
x.bidswitch.net/ Frame 40DB 		0
0
btw
sync.dmp.otm-r.com/match/ Frame 40DB 		0
0
btw
px.adhigh.net/p/cm/ Frame 40DB 		0
0
/
sync.bumlam.com/ Frame 40DB 		0
0
usync.js
eus.rubiconproject.com/ Frame C4B2 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1
Domain
s.e-planning.net
URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Domain
spl.zeotap.com
URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Domain
b1h.zemanta.com
URL
https://b1h.zemanta.com/usersync/prebid
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=between
Domain
sync.dmp.otm-r.com
URL
https://sync.dmp.otm-r.com/match/btw?id=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Domain
px.adhigh.net
URL
https://px.adhigh.net/p/cm/btw
Domain
sync.bumlam.com
URL
https://sync.bumlam.com/?src=bw1&uid=b77ec89e-3b13-520a-a70a-b1b7c427ad4b
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| admixerML object| adsbygoogle function| gtag object| dataLayer number| 2f1acc6c3a606b082e5eef5e54414ffb object| __gcse object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| AdSlotCollection object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId object| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Criteo object| admixerJSONP function| HELPER object| core object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad function| _ object| animationLoad boolean| d2pLoaded number| googleNDT_ number| googleAltLoader undefined| debugScript string| vdo_analyticsID function| vdo_analytics function| logPixel object| requestObject function| logError object| w_vdo object| d_vdo object| vdo_ai_ object| hb_dmx_res object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google_llp boolean| vdoHlsUrl function| vdo_ga function| initVdo object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| vttjs function| WebVTT function| vdo_videojs object| pbjs_vdoChunk object| pbjs_vdo object| mnet string| nobidVersion object| nobid string| vdo_lastLocation object| closure_lm_718896 object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| closure_lm_274855 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| d2ppbjsChunk object| d2ppbjs object| google_image_requests object| sas object| apntag object| _ADAGIO

94 Cookies

Domain/Path Name / Value
.subject.com.ua/ Name: _ga
Value: GA1.3.829982774.1663900920
.subject.com.ua/ Name: _gid
Value: GA1.3.966592310.1663900920
.subject.com.ua/ Name: _gat_gtag_UA_1099121_7
Value: 1
.subject.com.ua/ Name: _sharedID
Value: ae29cf9d-df75-4096-b647-2b02dd4cc00a
subject.com.ua/ Name:
Value: store.test
.adnxs.com/ Name: uuid2
Value: 6417679249573876566
.quantumdex.io/ Name: uid
Value: b19c2576-efdc-4da4-a26f-2080582a0aa0
.doubleclick.net/ Name: IDE
Value: AHWqTUnb6OhpYeb3fT7YqG7bxWv99GXwuxJV1tcQ1-rHk0tFnsPRcRWNT2wWMBBipjE
.subject.com.ua/ Name: _gat_gtag_UA_113932176_40
Value: 1
.subject.com.ua/ Name: __gads
Value: ID=19e2d9fdbae31907:T=1663900920:S=ALNI_MY6CSwgJ_pyPZGXrpKAfdJ5aGpvzQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.3lift.com/ Name: tluid
Value: 4116374027881706144662
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e7c901be-7ce7-496f-a528-c7bc2ccf1492-003%22%7D
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSMrUwNjcxNDG0MDEzNjYyNjQ1EeIz1I0KCy0wcDZxrirPCAAAyOqXFyQAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dSlwDIvPC_ELco_PMsytCnE3dXUOSQYACxSeiB4AAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSMrUwNjcxNDG0MDEzNjYyNjQ1EeIz1I0KCy0wcDZxrirPCAAAyOqXFyQAAAA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In6t<CA-!]tbPl1M>e)ZlrFUfJ+tGXxo@ADkzNa>M2M`vlQ1B*3W08y#`qYvo4+BDy373If)y3KL9D3I?-'D5I$K
.yandex.ru/ Name: yuidss
Value: 8578346031663900922
.yandex.ru/ Name: yandexuid
Value: 8578346031663900922
.casalemedia.com/ Name: CMID
Value: Yy0c.o4NIzgj8LvklyoAUwAA
.casalemedia.com/ Name: CMPS
Value: 4393
.casalemedia.com/ Name: CMPRO
Value: 4393
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e7c901be-7ce7-496f-a528-c7bc2ccf1492-003%22%7D
.youtube.com/ Name: YSC
Value: emxGivV6Ugw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: wIjhi9dzMzo
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&dec4ae2b-164e-4b9f-8abe-23dc2f81b816"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjM5MDA5MjI7MjswMjGD/mowtPWa3UkfEYmccwDZebV0Xkk+D0qVvATu/s9s9A==
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2809:u=1:x=1:i=1663900922:t=1663987322:v=2:sig=AQGCS1XuU-Jo3Bj7EQbUy71qjMg1SjT-"
.bidswitch.net/ Name: tuuid
Value: b355118c-ce25-4524-86a1-3775cf3ed0e4
.bidswitch.net/ Name: c
Value: 1663900922
.bidswitch.net/ Name: tuuid_lu
Value: 1663900922
.tribalfusion.com/ Name: ANON_ID
Value: a6nseFMZaAC6pqGpS71csbxHIZbgxA9RZdZd7HRdMTodsGRXFo3sZbZdZcGH9VSRAr3cIVhkcjNAgTZdeJR5UqDchonX
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%222BC625CF-FD75-478F-B530-1A077A662A61%22%7D
.mathtag.com/ Name: uuid
Value: 01c8632d-1cfa-4c00-aaee-e265fd2c82cd
.mathtag.com/ Name: mt_mop
Value: 4:1663900922
.ads.avads.net/ Name: av-mid
Value: f1a9c9c5-236a-4d7b-a5e3-1695ce716f97
.ads.avads.net/ Name: av-tp-gadx
Value: 1
.turn.com/ Name: uid
Value: 2811266308298238660
.yahoo.com/ Name: A3
Value: d=AQABBPscLWMCEPho5puDgrV7qseyCkVeMUwFEgEBAQFuLmM3YwAAAAAA_eMAAA&S=AQAAAkzB1dCBW3ynfpj-kE5nlgc
.bidswitch.net/ Name: google_push
Value: AZmPxg-7toHqWeAdYYn2Wst1TACbhgBX0su4kZyfplxr1WnMozDxVTgPq6oSgiKudlrF3D8CBahwUJSP1VL9nLPIdKQzQsdgkfjc
.spotxchange.com/ Name: audience
Value: 4e3447d2-3ae9-11ed-a0eb-1e1d47870306
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%222BC625CF-FD75-478F-B530-1A077A662A61%22%7D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-21b1ba76-25d5-4403-4f1a-614e5f7f5795.%2BmcVwqdem0m52EjqmojNs9ygg5B86ALyHZe9rqocEAs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AIbG6diXVRANPGmFOX39XldmKxGs.33Wqm5NxZoaYiGN%2FLFFRHmYp5HOSh8DFLSRBgNWqgrU
.w55c.net/ Name: wfivefivec
Value: 8nEnxfHN1OByDF5
.w55c.net/ Name: matchgoogle
Value: 5
a-prebid.vidoomy.com/ Name: SSCookie
Value: 1
.vidoomy.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI2NDE3Njc5MjQ5NTczODc2NTY2IiwiZXhwaXJlcyI6IjIwMjItMTAtMDdUMDI6NDI6MDMuNzc1NDE3NzM4WiJ9fSwiYmRheSI6IjIwMjItMDktMjNUMDI6NDI6MDMuNzc1NDExNTgyWiJ9
subject.com.ua/ Name: unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-23T02%3A42%3A03%22%7D
.criteo.com/ Name: uid
Value: 7d666e09-2439-4891-ae5e-a772a4266e14
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_cc7fd3d7-62c3-4e1a-b4e7-938c9e7878fe
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImIzNTUxMThjLWNlMjUtNDUyNC04NmExLTM3NzVjZjNlZDBlNCIsImV4cGlyZXMiOjE2NjY0OTI5MjR9fX0=
.betweendigital.com/ Name: tuuid
Value: b77ec89e-3b13-520a-a70a-b1b7c427ad4b
subject.com.ua/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.subject.com.ua/ Name: pubCommonId
Value: c1011268-e281-4c22-88ed-6aff85b7fc56
.subject.com.ua/ Name: cto_bidid
Value: 0bB9cV90SlBmY29aUkpkR0o4clFySEJqSSUyQm1vWG5IbU5KVnhTTHE3Z2w2QjJNd0k4SE5FRWlVMXEzNWJ5dkZ6cSUyRnRMUnc2Y2JNZkNFJTJCTWNwZVNXT24lMkZMRk5RJTNEJTNE
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~27be:195v~27be:192w~27be:175w~27be"
.betweendigital.com/ Name: ut
Value: Yy0c_AADvQgLlgFuE6v_EW-txMRk4UYKIGxqmg==
.w55c.net/ Name: matchcasale
Value: 5
.subject.com.ua/ Name: cto_bundle
Value: Xx-a5F9iQTNSQkhQTTVJQnhmZ2pGTiUyQkxaZHZoZlRHdDBqQVNkVTdubElnU0NHUFRFJTJGN0UwViUyQmRWb2FQQzJ4ZEo2MXc0YUZ0alliYXhuNlFkeE4lMkIlMkJnVFlTRmc2c2ViQWtvWXVoTzZYM2FycDVoNm9McndHNHEzclE2Rm1nJTJCR3RYZ1ZnVDBPeGpRUTFxQjhUMFZaSzFhdHRHOWclM0QlM0Q
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dSlwDIvPC_ELco_PMsytCnE3dXUOSQ7iNTQzM7Y0MLA0MjYyMXnFiMr_hcQ3MTGwBABg2kUXTQAAAA
.quantserve.com/ Name: d
Value: EEkBDQGVJ7jvsQA
.quantserve.com/ Name: mc
Value: 632d1cfc-63555-202b9-de51c
.simpli.fi/ Name: suid
Value: C0E54A0647F640FAA5588AF446B07D8B
.csync.loopme.me/ Name: viewer_token
Value: 8aa1b76e-b98e-4df6-9b80-8d84d9dff15c
.demdex.net/ Name: demdex
Value: 66801368645767839252931622188198617457
.adform.net/ Name: C
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 66801368645767839252931622188198617457
.brand-display.com/ Name: _knxq_
Value: a7b44941-77f5-3a11-02f642d6.1663900924.0.1663900924.1663900924
.ads.stickyadstv.com/ Name: UID
Value: 3383a8993b7e965586431f9c8cf1448c
.ads.stickyadstv.com/ Name: sessionId
Value: 2d5388f9546b682edb8161b11526fdd
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: Yy0c.o4NIzgj8LvklyoAUwAA&4393
.adform.net/ Name: uid
Value: 4538758142278904623
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-3043ce08-71c2-3860-a288-379391e40ea8
.casalemedia.com/ Name: CMTS
Value: 4470
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A73qagfYaEpEsvjSEJ3t1BA
.prebid.a-mo.net/ Name: __amc
Value: 3_1663900920_1663900925
.adnxs.com/ Name: icu
Value: ChgIjfJbEAoYAiACKAIw-Lm0mQY4AkACSAIKGQjx04ABEAoYASABKAEw_bm0mQY4AUABSAEQ_bm0mQYYAg..
pbjs.e-planning.net/ Name: CT
Value: 1
.otm-r.com/ Name: mpid
Value: NjMyZDFjZmQwZGE1MzQ0Ng==
.e-planning.net/ Name: E
Value: ADvAMTpk6MHq2SrF
.rubiconproject.com/ Name: khaos
Value: L8DVNEU9-1K-EOZU
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qonD8/Y89B21VqbBgMWySGKoH1GQZR6kujKKeUjQR5wA8Tay8zoSwDuc8eaUYYwigWHxUFRJZfD4YAXuoDlYL8AqYG1CpndbK8=

10 Console Messages

Source Level URL
Text
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2118017991491662970/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2118017991491662970/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
security error URL: https://f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/219301973080408064/index.html".
network error URL: https://googleads.g.doubleclick.net/pagead/s/xfa/mraid.js
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
javascript error URL: https://subject.com.ua/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://subject.com.ua' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd016f49d-6abd-4411-7a0f-cb0316e525e2%26reqId%3D76be5031-9f36-410a-476c-cd82d4f8e76f%26zdid%3D1361
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d016f49d-6abd-4411-7a0f-cb0316e525e2&reqId=76be5031-9f36-410a-476c-cd82d4f8e76f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d016f49d-6abd-4411-7a0f-cb0316e525e2&reqId=76be5031-9f36-410a-476c-cd82d4f8e76f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-prebid.vidoomy.com
a.rfihub.com
a.tribalfusion.com
a.vdo.ai
a.vidoomy.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ade.googlesyndication.com
ads.avads.net
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
adserve.somplo.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
an.yandex.ru
analytics.vdo.ai
ap.lijit.com
api.eu.dev2pub.com
b1h.zemanta.com
b1sync.zemanta.com
bid.g.doubleclick.net
bidder.criteo.com
c1.adform.net
casale-match.dotomi.com
cc.adingo.jp
cdn.admixer.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.somplo.com
clients1.google.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.optad360.io
cs.chocolateplatform.com
cse.google.com
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d.adroll.com
d.vidoomy.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
f5e80bc84f448d34ddced638c8f5ea69.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
h5.vdo.ai
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
optad360.mgr.consensu.org
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
pubads.g.doubleclick.net
px.adhigh.net
px.ads.linkedin.com
r.turn.com
r1---sn-aigl6ns6.gvt1.com
r1---sn-aigzrnse.c.2mdn.net
redirector.gvt1.com
rtb.adxpremium.services
rtb.openx.net
rtb2-useast.e-volution.ai
s.ad.smaato.net
s.amazon-adsystem.com
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp.disqus.com
ssp.otm-r.com
ssp.wp.pl
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
subject.com.ua
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.mathtag.com
sync.quantumdex.io
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
tag.eu.dev2pub.com
targeting.vdo.ai
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
ww1097.smartadserver.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
b1h.zemanta.com
eus.rubiconproject.com
gum.criteo.com
prebid.smilewanted.com
px.adhigh.net
s.e-planning.net
spl.zeotap.com
sync.bumlam.com
sync.dmp.otm-r.com
x.bidswitch.net
104.111.242.245
104.18.18.126
104.18.19.126
104.18.24.121
108.177.15.157
135.125.160.77
141.226.228.48
142.250.185.130
142.250.185.226
147.75.85.234
15.197.193.217
15.235.42.79
151.101.66.49
159.203.145.121
162.19.138.118
169.50.137.190
172.217.18.2
172.64.104.3
172.64.105.3
174.137.133.49
178.250.0.157
178.250.0.165
18.159.233.219
185.172.90.251
185.183.112.155
185.184.10.30
185.184.8.90
185.29.134.248
185.64.190.78
185.86.137.121
185.86.137.17
185.94.180.125
188.42.196.115
193.0.160.128
193.108.153.18
198.47.127.22
2001:678:cb4:bbbb::11
212.77.98.32
212.77.99.29
213.19.147.44
216.52.2.30
23.205.235.133
23.35.228.23
23.35.236.188
23.35.236.201
23.75.240.210
2600:1f18:1aca:4282:66a7:18bc:d1f9:4f18
2600:9000:223c:c000:6:b871:4f00:93a1
2600:9000:223f:d000:1b:5138:8a40:93a1
2600:9000:225e:be00:11:a4de:2580:93a1
2600:9000:236e:bc00:8:48e:53c0:93a1
2602:803:c003:200::31
2606:4700:10::ac43:2ac9
2606:4700:20::ac43:4bf1
2606:4700:4400::6812:230b
2606:4700::6812:272
2606:4700::6813:ac6c
2607:f8b0:4008:808::2003
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:802::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4009:14::6
2a00:1450:4009:4::6
2a00:1450:400c:c04::9a
2a00:1450:400e:803::200a
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8::90
2a02:fa8:8806:12::1400
2a03:90c0:41:2801::254
2a04:4e42::485
2a05:d018:d29:3601:2273:7c14:b4f4:8de8
3.121.84.223
3.126.157.114
3.126.56.137
31.131.26.2
34.111.151.213
34.193.201.64
34.243.140.211
34.249.157.182
34.95.81.168
34.98.64.218
35.158.53.117
35.186.253.211
35.190.0.66
35.205.207.25
35.72.52.63
37.157.5.142
37.157.6.245
37.157.6.247
37.252.173.38
37.252.173.62
44.199.43.130
50.31.142.255
51.75.86.98
51.91.60.38
52.18.137.235
52.208.181.213
52.222.214.2
52.28.123.190
52.46.143.56
52.48.144.255
54.36.238.155
54.39.16.115
63.251.232.165
66.155.71.150
69.173.144.139
69.173.144.165
70.42.32.159
76.223.111.18
8.43.72.97
88.99.28.61
00579b7f18e309bc45e20e12c262dbf58f2225ce82aabe6ff1d3df23a09644fa
0099c5ae56d654046158f5ad31934f064044f114e8e9a9dfb825d444d8988cb7
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0268922ce606e1bec6035cdf831c5ce3a46275f0dec9c47b8187c94f749c568b
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
06098f549be54d29962bd7d34bdd3b8860559cd87614b57317586ae1f3f15a89
09c6c3ad5d074c9d694424f9744f2ada34b537face238a1d2f3f05ef5bc0d01b
0a028be179eb930a2c843baaeecd40588cca7f1f82f7ece7ef08868b030e4c0b
0b5181c774ee6ddea0f647ebfe46cc19ff323577a057c8140cf1e1578eee5161
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c836b8d2d72a0e242dfb57e9f67303f8bab4807342eb3e8ad046d1c0315c45d
0db1f99730ce36725892ee85b10c16e8d10ed3e315ae69becbf47a7473928cb9
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b0ccd2d8f2f6821d0a61a0688f7d6130365397fc30a11a784f4e1b05af9275
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37
14a99faee7a1c2054622c6f923c351ccab4f041fbde76bddd11b2387efa1d01e
154a4bc30b48583d0db41afe475b50c7a7c0e3efd327e3c7d768d2fb790769e8
16428697adc791242fefb2fbce2e3022530e9367263913cc1f152806e89d7009
165773512617a67a1a8a6579adddf826cb68220fab5c34fca6247ca36e5d1753
170ccb23b389a28270eb233be30f74f063a8cfe8bf35dc74fb9355f451d3b76f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1846e03b8024d05ea53f8822fcb40469f3664059caab6efa8d3c485db4e422a1
184b2cc50eae531c5921def1837839aafa237351e093c0c25035472a9963ba7b
1b3880b4d7a8f4a2bc3824f8eaa69c4a65ee91d9010e2a3f925f5f28fb76b0f6
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
216ee741ba5f0a16e156d2e8ed044215f2d4836fbbe3d2eef071a98a7d2405ac
23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9
2667b5d357bb7a8ccdf9452f45ce34296124252f07c62e0af48e85f77e2ffab5
284429ccdc89fd7a58c118e3a020b14fb1043aef938875036adf5026f5b406c9
2a951ac92c418022235c97c9f3ebee0d29306143b80a93870608c15dff8c0421
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b14b918bb31b4672d92b0287ed00c91c74e5d315759da2deb6028b0b4e9f909
2b22220b68d010a5d868391e906afce4fea69692578ca5bab156da1fa8400178
2b3e2efa69ce81d8941a38f314919fb95860a941e353b9e1fa4ae9707e09f471
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0ec337a48dcc7ef323b0a5c6afcd8140d024605528f9f852912eefc94eea09
2fe0bd06904476041375308b6c7f04721b3cd414249be84f512dd58af34c2b51
32036bccb48d4b60d1d0f14301dbc81e509b10f57673851b274405d60b5cd2e6
3272737fdc1f6034d21fd36ed5d459e084c257ca3cb352136e59c63708145fed
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
33797c8ad76837a6437df8b58d028881706fe1d5a851880c24dca125a35ccd04
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35059cdc43401fbcf730189eb26b53bbda8e45d58f16b89c2d236b6bbe6d839b
3774f96df5da66523ee060a53a0b5221a2dbdf5d5f542e8f63b54fc1d4ca07d2
3798fbee8009a9d9885fd40fcced87c92f355732fdf1a868b8224c647fc9c54c
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37fdb767af7b175be46f63af1597b5dabad7e13f981adff881cb73de2023e180
38407335479100007e0493b032b282f32873ba50ca97af1c65c4744db4bd0bdf
38561c5f3d4a119c5e4e70d91eb6dad76fa92d8e231eaaf8bdff54431a41aa87
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3ac07bf613ccd44e18438ee498552b34e3accf9743aa459cce46e974ec10eda1
3c0a464c2bca4e205512aa3af06ca7e28f43c8cece0bc6c76b02b33ccadb27f3
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f82e361d5c2f3b8fed3e54d1aebd1669c6d311356164679e3d6966dc552e6e4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
437b62002b3aa74ee137d19b391dca8654b56dae86142648176149bc0d7b823c
44b6fd757136eaca04ede9b88edffc5b778f71a5455f61ad0b36ff947f867352
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
46b759ba547d4f5f9b135f5f1e004b31472f962d3cc3293641e00a7e06c61dcc
486903c47908c435a7ce9ab2ada3b762fe737040f0f6b3656c188d86d283c433
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a3ac82434719cb8f0fb33f1918435c35d7e5d8e1b8656c57814e3dc085f7244
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5bdc8b09debc3ea3e777a7ea40f27569cc293a737084a9633917a37b4f09f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4db78130d7048b35bea5a13cb623f70dcf49e35b0ca1810fa85853d7da77b84f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
525cab072c5864661f73a1a18afdc3f43b6f566e1e8a134a02102d099bfc21aa
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
53865e4e8e66d64a525bcf61da08fafef31722a436e31bdfbdf52603d3b12489
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ba0c3f8fae20a4ab419e0dd6dd251ce4c2d9cc5dda63347c8210ad2d17614f
570c365b33117fa839ab55f8e38653fd994ea0272c3c68de2ff594e91afed3d5
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e
5870e9220bcbfc62e8693a8bf53ee65e038100411cee126994bf5dfe63618309
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
595704afa350439f76bae3d4c26b9186139d698a50dcdd1692488b0a15c3dc67
59fb3ae6628f49cd59240a81befb930cb385b9ac950c834e95e16be2daf02d40
5a4080a21613d4e61af67e3a64c458d61d296eb1baad8e586b065710e2f15f28
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c79ba365dba798d3b9759bc060ee3473bc8c58967e4983a16db363760a9f32b
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
606fb9faa791f219a45d8066e84b94c6c036b00cec4084346c976bb289bfd95d
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
61539205d56624d72efb22ae6dc279637588ba1c0f5725047d1767126ea0130b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
639bfb4c91c8b82c785101b4af5bae2fd77b6357f97ea6715c61d774a0627e0d
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e
650b0d89118580fd96419aa8b05d77a9f8bb927f41c848fe784e15134affb9af
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
69d397edaa2d39593d259a074460a34c763bf59d5c696364c2fa81eb9e6669be
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
707c74e779762b2e450b6959ae22c2c6b0b26079fffe308b6427dcf8347506f2
732d599a529228ca1fd6256856f6cb18d9534805d6b8b08244fb021d5186be35
745f2f2980e34ebf4f6f8ec05be85519f0d2239e72d15730105d8a349a84771f
76e9a6570fc2330985d8b8608b9bc0bcf7824655cb183109975e38b4a207139c
773cc6770aff186c7b9f766d128a51a138acc3700723cc57779272fbceeba337
783199d2aecd5c43a7e3d21a7bea7ca58c6577ac3bc029353fca015d351f7737
7873cc09e42108ba1e5e6e939078f0c8bb15ce7e1f544558ab2b626d555c7d84
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
7b994cdb4ddd870f8aff54ab0e8bcc64969c84ac69a3585307269237def4bcd1
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165
7d30f6a2e507666a47c241d5d08da97b05388eef0f55f872c2c105bb7da9c18c
7e5b35e170fa0ea667482b0a3a10fa2c2b08bbc10d03aa6aa728c147d9faebc6
80d5f04ec8f592e6f5852f1b6dbb10fa30485fd85285b02184de5abd7b1d970e
823ae5c6dba4e1f8fa0d7c89fe3bf57f3073424c69e957883f6ddaf35f6a0782
833499698582f8520fa28977d08b7eb6f94d4c6ad55b35ee444ca0746da65293
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838a1318bca74a819bd3e402a753c25b66a7d5da2706666a2d1c3940795f7c47
839bff430f9c12fbcd0d6f3a8a0751dab95d0a554d309ec0522b29d12c18472f
860a918cf8f248e936c6a50f30f8c7a58aa92393f054e00e35fb18e5cd5c43db
86453ecc16f6b785226ee9203819ea6bc46dc79171c51ed9605e3e2662281704
87a2fde3736d8c20af98a35e066026e592a7835578e0b7cfec2ed96196b6ddc7
88436208bbbda9102a609fb75ef4cf205dbdcfa4042e8c11307ca1764f82bf09
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03
8f60710f6e068b35323439bfa0c7db81caf2796d43b9edc5d5cffadfcc7b80dc
9138881c14f9b1035d81fb2ce6443ffc5da041104455a117146952a645b2ce4b
921f745101206978b094d9a98bc47b50f9838bb836ecece4722f439ba0ff3d30
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
974e273832eda34a4be17276099fc4b24df1c01ce07fcd52e89d8a023dd1c4f0
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9956d0958fbb27dbb9bfa1ec2986a2817ffd0bd9338fde0680f802ffda951d4c
9a14b003ffe0e950c19ee590ea71d46f6ba7faa8412ac5442f95ec9df010751d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9fcafe88499c819fe0437001cb6fcee51d0e200f938efdff94c62fe891833fd6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ab3a61ad718519ffa83539aa6bcd00dee7c2503cb5b8de30e54a17e578dc17
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2b3125d2fde880c06e4bf293ed459efb09683c4277d1196695e443d2ef73bc2
a2da90c8f84fabae377d21f899696fc7a0ba33f0716189ec1f738605f815952e
a2ed61e0bc0a47470a31a4ae6e2d9bbcf97092b8f473456867319bb73ac89deb
a4419aae3c6d7ac5591ca891844b14a4443107883cb4c30b1563c83abcf3fc02
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a674675ce76e244d105151ddd87c2ac0e387e9fb41164451b6d6a5869e8bc926
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a82620bb829f6f2a39b97fc23c4481e2dcc349462992cd5c36416596f6ffaa47
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab21cd22e33ce9dc936c599a8b108c9a4af24eadafc1e4221e1d5e10b1ca2656
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ac613d339405626620e432b934caad1aa7eef3d78884f2d1e45d5fc5d371c992
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
af6940e7461e40daf9fc63c7d8d094615e0d8ede8ef04d4e8cfa7ee0bdf77349
b0a32f986b6d3a2ce76f9302f1e34cab00d885324f923705fa915d8c3240c006
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1adbcb5d1201ca02be781fba4da2c84a47a179e09fbf45db3423be4bf194943
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b620e372603cc4456c6dc951b0e5842a4b547082cf5afb43a9ec4197608924de
b632555e0646a3374ce5b1891ae22c3ac1aba0502b6335c114ec86e6d12d866d
b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288
b7ca1a9ec4d510bed926335cbffb442ecb2ecdb52ab0ff40c26c6f46576630ab
b7e3c8e50ba4e00bee3108e66901cd4a96423e02f8cc08cb84bc01e50e0945a8
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc69152cba66affa5143a503a688298672179fe645c91e0e81762452400c0bed
bdda94663e22f91ccc82dc5d2a832499c5ef38cade6858209f16d78062be9c55
be0d1a719a7aa3b6b2c30488567862bda53b0732ceefcbb4aa5dd7c724f3005f
c138289957b80cb663a620eff0a1604be0142d84f1598f28f81a23b8af28b8c5
c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c306e28e0bee813d17d19f7762208b259bf3075f7d87f218df4c4d1c72b518a0
c32a99364965a63bf56ca71e8bc07652b0736f267e570ec9a6d3460be149fb9d
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c44107f8469836a839d64a2cd0cf1e01e5d081c1def538c37e9d7af72ff496c8
c77d76b79ca5c885e274de881b3e76eaafe89137c60a80e65039e0662481b223
cdc74ae324785ad94ab1e4c669fda7f73600705f8e43c095ee139a755c0369fd
cf79e88f846318ed6fe5be243a01a436838f4483cbea8590bc0b98c7ec41cf0e
cf937f22bb4c5f8e827a344e6726fa957c379738a0e9f4d5d35406ebb35d0143
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d08d27871235ff16ae8c74815fbbaf44e5544e30406cf957e241371838c4fd9c
d0ab5b3d8cf9c68c1b0db7a4319721a3346f442f4962c9034ba2b01c0871be27
d0bf795d3cc0553dc54bf138eb47bdabf2bc4ad8b0a5554438799ca805d023d7
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d191188a675a25eac4fb99febdbdaa6d5ac9a0910a55aaa06e9534299e1c0048
d1ecd0e7e7549ab79ff8979f7225cf7a683a60c43d9478e3a5adec6214bea560
d4443a934c7caf5b36d6c6471929673f3d4f44e37a093206fd198760c1011d83
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d51f907642abdc5b219f45f23396e77b8c2d20e33d0398cbcf73d5e9f79a4aec
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6b1ae1e6b0fb3701d02a0904b4c0bd34e19a8d606aded23186d85807a7ea19e
d74ae61c735de8a091b6e4a4ee5ea1e4e7b522538fc4c6843e328eb6368231dc
d861f34e956dc448f749333bc4fb2e64f0f1d75d7fd87e8c02d58330997361b1
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
d96cfc1e3ca03100bbbc0750dbe15b85ecc539a088736db69cd78c8b7dead0a9
da9da6cc08f4fae96cb11b10e093fc4d19f871c3d4b46a2a48ee7f26637b92e5
db53a217e67039c0b9ebc071dd0b28043e297082e83e144669e80c28e5df8596
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
de15a255916e9193497fbc0bbbcf00a20b835d1972fa26abb9d0a0bd4c665eb4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8938e356488483d6e19e832c87fe7d8594d34e01abc1ca205bd841a93b5a420
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed8e182f07835798f8c0809c9752432d474be06e01d1b76c6edb461dd9da2fdf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f2985ff1aa24da33cb50632ba0daed5632c90cd761f6a53c56084988c4ae4cc2
f415cb6a326034f8bb0bf49096a985573631a3d79f31dd9981bb412a86bfae05
f48cb3b87eb20bd424c98e36cf7b228f52239e5b9265ecf20b4f8598407af88d
f575e41825841f23fc9b0524e4d67f6cf4861dd5025e9b0b2adc23e4f76c7abd
f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f89e4b01b01ece06fd39795d0f52828af0fad65cdebee77c4da69bc8020385b5
f94532cee6f3fb58efe3c8ce1c17c6820a35f52ed90d846136cd272cd36103bb
fa3d61995a15533ea5aa9a0da0cb4d23917572e235a1b83c7f9ca92f2d9571a8
fd22fa1c1504fdd3732c8040d30c5dc83da65787afb103a78308eaff15a5d852
fd2970cdf054765d47c9da95312c9a308eeeb0d1f0a3d754b3159272d65c98c9