urlscan.io logo urlscan.io
SecurityTrails logo

www.kufar.by Open in urlscan Pro
134.17.16.243  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.dba.dk-online-pay.online/
Effective URL: https://www.kufar.by/listings
Submission: On March 18 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 12 countries across 119 domains to perform 813 HTTP transactions. The main IP is 134.17.16.243, located in Minsk, Belarus and belongs to MTSBY-AS, BY. The main domain is www.kufar.by.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 2nd 2019. Valid for: 2 years.
This is the only time www.kufar.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 92.119.114.139 204601 (ON-LINE-D...)
40 134.17.16.243 25106 (MTSBY-AS)
11 2a02:6b8:20::215 13238 (YANDEX)
2 18 2a02:6b8::90 13238 (YANDEX)
7 142.250.186.162 15169 (GOOGLE)
2 130.193.49.123 200350 (YANDEXCLOUD)
1 4 146.59.10.80 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 31 142.250.185.66 15169 (GOOGLE)
2 13.226.159.100 16509 (AMAZON-02)
3 18 2a02:6b8::1:119 13238 (YANDEX)
3 217.69.133.145 47764 (MAILRU-AS...)
4 87.240.190.72 47541 (VKONTAKTE...)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a02:6b8::16b 13238 (YANDEX)
1 13.226.159.24 16509 (AMAZON-02)
2 6 2a00:1450:400... 15169 (GOOGLE)
27 2a02:2638:1::3 44788 (ASN-CRITE...)
3 11 23.111.200.118 7979 (SERVERS-COM)
1 185.184.8.30 204995 (RTB-HOUSE...)
2 99.81.248.185 16509 (AMAZON-02)
5 34.241.141.160 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
12 13.32.21.47 16509 (AMAZON-02)
3 11 2a00:1450:400... 15169 (GOOGLE)
1 2 2a03:2880:f11... 32934 (FACEBOOK)
2 2a02:6b8::184 13238 (YANDEX)
14 178.250.2.131 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 13.226.159.99 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 5.254.23.213 3223 (VOXILITY)
23 23 35.157.13.31 16509 (AMAZON-02)
13 13 185.29.135.233 30419 (MEDIAMATH...)
2 2 193.232.148.145 48061 (UMA-TECH-AS)
4 6 72.251.249.9 29791 (VOXEL-DOT...)
9 9 31.172.81.160 44066 (DE-FIRSTC...)
4 4 31.172.81.172 44066 (DE-FIRSTC...)
2 34.248.155.99 16509 (AMAZON-02)
22 59 185.33.221.11 29990 (ASN-APPNEX)
2 54.220.47.170 16509 (AMAZON-02)
2 2 18.193.144.52 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
12 185.86.138.16 201081 (SMARTADSE...)
12 184.31.84.150 20940 (AKAMAI-ASN1)
7 19 37.157.6.241 198622 (ADFORM)
12 185.64.189.112 62713 (AS-PUBMATIC)
6 56 35.244.159.8 15169 (GOOGLE)
12 213.19.162.31 3356 (LEVEL3)
2 2 89.108.120.76 197695 (AS-REG)
5 2a00:1288:80:... 203220 (YAHOO-DEB)
1 34.95.120.147 15169 (GOOGLE)
3 2a02:6b8::158 13238 (YANDEX)
1 2a02:6b8::5:114 13238 (YANDEX)
1 2a02:6b8:a::a 13238 (YANDEX)
13 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 184.30.212.16 20940 (AKAMAI-ASN1)
25 104.108.50.124 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 9 69.173.144.138 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
8 15 52.51.224.103 16509 (AMAZON-02)
11 11 151.101.114.49 54113 (FASTLY)
1 8 2a00:1288:110... 34010 (YAHOO-IRD)
1 2 88.99.213.228 24940 (HETZNER-AS)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
6 88 23.210.249.164 16625 (AKAMAI-AS)
30 23.210.249.92 16625 (AKAMAI-AS)
12 23.210.249.83 16625 (AKAMAI-AS)
1 88.99.70.162 24940 (HETZNER-AS)
5 5 2620:116:800d... 16509 (AMAZON-02)
6 185.64.190.78 62713 (AS-PUBMATIC)
5 5 2001:678:cb4:... 56396 (TURN)
1 2 35.227.252.103 15169 (GOOGLE)
3 3 3.127.88.255 16509 (AMAZON-02)
6 6 52.50.99.220 16509 (AMAZON-02)
22 22 54.228.192.197 16509 (AMAZON-02)
1 25 185.64.189.110 62713 (AS-PUBMATIC)
4 4 185.86.139.89 201081 (SMARTADSE...)
7 7 198.148.27.140 19189 (PULSEPOINT)
4 8 2a02:fa8:8806... 41041 (VCLK-EU-SE)
10 10 66.155.71.150 13768 (COGECO-PEER1)
1 18.185.187.62 16509 (AMAZON-02)
5 5 94.23.73.243 16276 (OVH)
2 2 51.210.112.63 16276 (OVH)
2 2 52.30.234.204 16509 (AMAZON-02)
1 34.120.25.144 15169 (GOOGLE)
2 34.96.105.8 15169 (GOOGLE)
2 4 52.95.124.165 16509 (AMAZON-02)
5 5 3.231.119.144 14618 (AMAZON-AES)
2 51.178.20.139 16276 (OVH)
6 9 169.50.137.190 36351 (SOFTLAYER)
2 3.123.45.2 16509 (AMAZON-02)
6 9 213.19.147.150 26120 (RHYTHMONE)
7 7 193.0.160.129 54312 (ROCKETFUEL)
2 2.19.33.95 20940 (AKAMAI-ASN1)
4 4 18.184.153.186 16509 (AMAZON-02)
6 8 18.156.0.31 16509 (AMAZON-02)
2 23.210.248.12 16625 (AKAMAI-AS)
1 52.44.116.71 14618 (AMAZON-AES)
1 116.202.172.174 24940 (HETZNER-AS)
3 178.250.0.163 44788 (ASN-CRITE...)
6 6 213.155.156.168 1299 (TELIANET ...)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
3 42 185.64.190.80 62713 (AS-PUBMATIC)
5 72.251.241.206 29791 (VOXEL-DOT...)
3 6 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 199.232.137.44 54113 (FASTLY)
3 151.101.13.44 54113 (FASTLY)
6 9 35.227.248.159 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 6 77.243.60.138 42697 (NETIC-AS)
6 6 35.201.96.126 15169 (GOOGLE)
3 185.64.189.249 62713 (AS-PUBMATIC)
8 185.64.189.114 62713 (AS-PUBMATIC)
3 3 178.62.202.251 14061 (DIGITALOC...)
3 3 34.98.107.212 15169 (GOOGLE)
3 3 18.200.32.70 16509 (AMAZON-02)
3 169.197.150.7 398989 (DEEPINTENT)
2 192.132.33.46 18568 (BIDTELLECT)
1 1 52.54.178.102 14618 (AMAZON-AES)
4 4 35.205.207.25 15169 (GOOGLE)
2 2 54.236.220.178 14618 (AMAZON-AES)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 54.85.167.1 14618 (AMAZON-AES)
5 7 37.157.6.247 198622 (ADFORM)
3 3 54.78.254.47 16509 (AMAZON-02)
2 6 2620:116:800d... 16509 (AMAZON-02)
2 2 54.194.211.3 16509 (AMAZON-02)
1 2 63.33.120.132 16509 (AMAZON-02)
2 38.27.122.126 174 (COGENT-174)
2 2 35.210.53.219 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
813 109
1    92.119.114.139 (Dronten, Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
www.dba.dk-online-pay.online
40    134.17.16.243 (Minsk, Belarus)

ASN25106 (MTSBY-AS, BY)
PTR: 243-16-17-134-cloud.mts.by
www.kufar.by
content.kufar.by
11    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
yastatic.net
18    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
7    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
2    130.193.49.123 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
api.mindbox.ru
4    146.59.10.80 (France)

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu
gaby.hit.gemius.pl
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
31    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
cm.g.doubleclick.net
2    13.226.159.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-100.dus51.r.cloudfront.net
static.hotjar.com
vars.hotjar.com
18    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
3    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
4    87.240.190.72 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv72-190-240-87.vk.com
vk.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
fonts.gstatic.com
2    2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
matchid.adfox.yandex.ru
1    13.226.159.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-24.dus51.r.cloudfront.net
script.hotjar.com
6    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
27    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
11    23.111.200.118 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
adfox-c2s-ams.creativecdn.com
2    99.81.248.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-248-185.eu-west-1.compute.amazonaws.com
cre-api.kufar.by
5    34.241.141.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-141-160.eu-west-1.compute.amazonaws.com
cis.mpianalytics.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
adservice.google.com
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2656fe73d84fbbcc24348772dbb955be.safeframe.googlesyndication.com
11    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
12    13.32.21.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-47.fra56.r.cloudfront.net
yams.kufar.by
11    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
avatars.mds.yandex.net
14    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
5    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    13.226.159.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-99.dus51.r.cloudfront.net
hintfly.com
1    2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    5.254.23.213 (Frankfurt am Main, Germany)

ASN3223 (VOXILITY, GB)
cache.betweendigital.com
23    35.157.13.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-13-31.eu-central-1.compute.amazonaws.com
x.bidswitch.net
13    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    193.232.148.145 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
px.adhigh.net
6    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
ce.lijit.com
9    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
sync3.sniperlog.ru
4    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
2    34.248.155.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-155-99.eu-west-1.compute.amazonaws.com
api.houston.advgo.net
59    185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
ib.adnxs.com
2    54.220.47.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-47-170.eu-west-1.compute.amazonaws.com
collector.mpianalytics.com
2    18.193.144.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
a.sportradarserving.com
1    2a03:2880:f01c:8004:face:b00c:0:8c (United States)

ASN32934 (FACEBOOK, US)
cx.atdmt.com
12    2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
12    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
12    184.31.84.150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
19    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
c1.adform.net
12    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
56    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpone-d.openx.net
eu-u.openx.net
us-u.openx.net
12    213.19.162.31 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
2    89.108.120.76 (Russian Federation)

ASN197695 (AS-REG, RU)
x01.aidata.io
5    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
pr.ybp.yahoo.com
s.yimg.com
ads.yahoo.com
1    34.95.120.147 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ox-delivery-prod-europe-west1.openx.net
3    2a02:6b8::158 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
storage.mds.yandex.net
1    2a02:6b8::5:114 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
ysa-static.passport.yandex.ru
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
yandex.ru
13    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    184.30.212.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
25    104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
id.rlcdn.com
15    52.51.224.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-224-103.eu-west-1.compute.amazonaws.com
match.adsrvr.org
11    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
8    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    88.99.213.228 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-213-228.clients.your-server.de
sync.1dmp.io
2    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
88    23.210.249.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
30    23.210.249.92 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com
ads.pubmatic.com
12    23.210.249.83 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    88.99.70.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: a03.smtp.rees46.com
api.rees46.com
5    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    3.127.88.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
6    52.50.99.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
22    54.228.192.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
25    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
4    185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
7    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
8    2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
openx2-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
10    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    18.185.187.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-187-62.eu-central-1.compute.amazonaws.com
match.justpremium.com
5    94.23.73.243 (Lisbon, Portugal)

ASN16276 (OVH, FR)
green.erne.co
2    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
2    52.30.234.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
1    34.120.25.144 (Kansas City, United States)

ASN15169 (GOOGLE, US)
public-prod-dspcookiematching.dmxleo.com
2    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
tr.blismedia.com
4    52.95.124.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    3.231.119.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
gu.dyntrk.com
9    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    3.123.45.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
j.mrpdata.net
9    213.19.147.150 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
7    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    2.19.33.95 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-33-95.deploy.static.akamaitechnologies.com
ad.yieldlab.net
4    18.184.153.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
8    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
2    23.210.248.12 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-12.deploy.static.akamaitechnologies.com
sync.teads.tv
1    52.44.116.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
1    116.202.172.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.172.202.116.clients.your-server.de
csync.loopme.me
3    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
6    213.155.156.168 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
3    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
42    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
5    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
6    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
3    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
9    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
6    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
6    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
3    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
8    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
3    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
3    18.200.32.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
3    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    52.54.178.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
4    35.205.207.25 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
ads.avads.net
2    54.236.220.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
2    2606:4700:3039::6815:c01b (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    54.85.167.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
um2.eqads.com
7    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loadm.exelator.com
6    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    54.194.211.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.avct.cloud
2    63.33.120.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-120-132.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    38.27.122.126 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pool.admedo.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
Apex Domain
Subdomains		 Transfer
126 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
488 KB
76 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
110 KB
71 adnxs.com
secure.adnxs.com
ib.adnxs.com
acdn.adnxs.com
254 KB
59 openx.net
adpone-d.openx.net
ox-delivery-prod-europe-west1.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
19 KB
54 kufar.by
www.kufar.by
content.kufar.by
cre-api.kufar.by
yams.kufar.by
1 MB
47 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
146 KB
45 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
147 KB
40 yandex.ru
an.yandex.ru
mc.yandex.ru
matchid.adfox.yandex.ru
ysa-static.passport.yandex.ru
yandex.ru
272 KB
30 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
5 KB
27 criteo.net
static.criteo.net
653 KB
26 adform.net
adx.adform.net
c1.adform.net
10 KB
24 indexww.com
js-sec.indexww.com
23 KB
23 bidswitch.net
x.bidswitch.net
7 KB
22 bidr.io
match.prod.bidr.io
10 KB
18 yahoo.com
pr.ybp.yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
14 KB
16 smartadserver.com
prg.smartadserver.com
rtb-csync.smartadserver.com
7 KB
15 adsrvr.org
match.adsrvr.org
6 KB
15 googlesyndication.com
2656fe73d84fbbcc24348772dbb955be.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
191 KB
14 hintfly.com
hintfly.com
136 KB
13 mathtag.com
sync.mathtag.com
7 KB
13 google.com
analytics.google.com
adservice.google.com
www.google.com
1 KB
12 adpone.com
hb.adpone.com
1 MB
12 betweendigital.com
ads.betweendigital.com
cache.betweendigital.com
6 KB
11 quantserve.com
pixel.quantserve.com
4 KB
11 everesttech.net
sync-tm.everesttech.net
2 KB
11 yastatic.net
yastatic.net
421 KB
10 sitescout.com
pixel-sync.sitescout.com
6 KB
10 google.de
www.google.de
1 KB
9 tapad.com
pixel.tapad.com
2 KB
9 simpli.fi
um.simpli.fi
4 KB
8 dotomi.com
openx2-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
1 KB
8 bumlam.com
sync.bumlam.com
5 KB
7 rfihub.com
p.rfihub.com
5 KB
7 1rx.io
sync.1rx.io
3 KB
7 contextweb.com
bh.contextweb.com
5 KB
7 mpianalytics.com
cis.mpianalytics.com
collector.mpianalytics.com
4 KB
6 fiftyt.com
visitor.fiftyt.com
3 KB
6 semasio.net
uipglob.semasio.net
4 KB
6 taboola.com
trc.taboola.com
match.taboola.com
2 KB
6 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
4 KB
6 de17a.com
d5p.de17a.com
2 KB
6 scoota.co
r.scoota.co
4 KB
6 lijit.com
ap.lijit.com
ce.lijit.com
3 KB
5 adgrx.com
cm.adgrx.com
2 KB
5 ipredictive.com
sync.ipredictive.com
2 KB
5 erne.co
green.erne.co
1 KB
5 turn.com
ad.turn.com
2 KB
5 ampproject.org
cdn.ampproject.org
99 KB
5 yandex.net
avatars.mds.yandex.net
storage.mds.yandex.net
342 KB
5 google-analytics.com
www.google-analytics.com
54 KB
4 avads.net
ads.avads.net
1 KB
4 advertising.com
pixel.advertising.com
1 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com Failed
3 KB
4 adsniper.ru
sync3.adsniper.ru
3 KB
4 vk.com
vk.com
23 KB
4 googleadservices.com
www.googleadservices.com
27 KB
4 gemius.pl
gaby.hit.gemius.pl
12 KB
3 exelator.com
loadm.exelator.com
2 KB
3 deepintent.com
match.deepintent.com
99 B
3 gumgum.com
rtb.gumgum.com
1006 B
3 playground.xyz
ads.playground.xyz
968 B
3 bidtheatre.com
match.adsby.bidtheatre.com
2 KB
3 adition.com
dsp.adfarm1.adition.com
1 KB
3 w55c.net
pm.w55c.net
2 KB
3 yimg.com
s.yimg.com
103 KB
3 gstatic.com
fonts.gstatic.com
41 KB
3 mail.ru
top-fwz1.mail.ru
11 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
62 KB
2 admedo.com
pool.admedo.com
783 B
2 bnmla.com
match.bnmla.com
114 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 avct.cloud
ads.avct.cloud
888 B
2 eqads.com
um2.eqads.com
563 B
2 ad4m.at
ad4m.at
2 extend.tv
sync.extend.tv
1 KB
2 bttrack.com
bttrack.com
760 B
2 zeotap.com
mwzeom.zeotap.com
983 B
2 teads.tv
sync.teads.tv
344 B
2 yieldlab.net
ad.yieldlab.net
1 KB
2 mrpdata.net
j.mrpdata.net
75 B
2 dyntrk.com
gu.dyntrk.com
430 B
2 blismedia.com
tr.blismedia.com
250 B
2 crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net Failed
1 KB
2 onaudience.com
pixel.onaudience.com
1021 B
2 tns-counter.ru
www.tns-counter.ru
707 B
2 1dmp.io
sync.1dmp.io
788 B
2 aidata.io
x01.aidata.io
1011 B
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 advgo.net
api.houston.advgo.net
515 B
2 adhigh.net
px.adhigh.net
915 B
2 googletagservices.com
www.googletagservices.com
63 KB
2 googleapis.com
fonts.googleapis.com
1 KB
2 facebook.com
www.facebook.com
750 B
2 facebook.net
connect.facebook.net
94 KB
2 googletagmanager.com
www.googletagmanager.com
113 KB
2 mindbox.ru
api.mindbox.ru
19 KB
1 advangelists.com
nep.advangelists.com
232 B
1 loopme.me
csync.loopme.me
130 B
1 adentifi.com
rtb.adentifi.com
88 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com
176 B
1 justpremium.com
match.justpremium.com
323 B
1 rees46.com
api.rees46.com
158 B
1 rlcdn.com
id.rlcdn.com
66 B
1 sniperlog.ru
sync3.sniperlog.ru
297 B
1 atdmt.com
cx.atdmt.com
823 B
1 google.ch
adservice.google.ch
165 B
1 creativecdn.com
adfox-c2s-ams.creativecdn.com
206 B
1 dk-online-pay.online
www.dba.dk-online-pay.online
256 B
0 ctnsnet.com Failed
cm.ctnsnet.com Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
0 cognitivlabs.com Failed
beacon.lynx.cognitivlabs.com Failed
0 adroll.com Failed
d.adroll.com Failed
0 brand-display.com Failed
dmp.brand-display.com Failed
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
0 onetag-sys.com Failed
onetag-sys.com Failed
0 owneriq.net Failed
px.owneriq.net Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 creative-serving.com Failed
ads.creative-serving.com Failed
813 119
Domain Requested by
46 ib.adnxs.com 10 redirects hb.adpone.com
acdn.adnxs.com
42 simage2.pubmatic.com 3 redirects image6.pubmatic.com
ads.pubmatic.com
39 dsum-sec.casalemedia.com 4 redirects ssum-sec.casalemedia.com
um2.eqads.com
39 content.kufar.by www.kufar.by
30 ads.pubmatic.com hb.adpone.com
ads.pubmatic.com
27 cm.g.doubleclick.net 23 redirects eus.rubiconproject.com
eu-u.openx.net
27 static.criteo.net yastatic.net
www.kufar.by
hb.adpone.com
static.criteo.net
25 image2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
25 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
hb.adpone.com
24 js-sec.indexww.com hb.adpone.com
ssum-sec.casalemedia.com
23 eu-u.openx.net 3 redirects hb.adpone.com
eu-u.openx.net
23 x.bidswitch.net 23 redirects
22 match.prod.bidr.io 22 redirects
21 us-u.openx.net 3 redirects eu-u.openx.net
18 mc.yandex.ru 3 redirects www.kufar.by
an.yandex.ru
mc.yandex.ru
yastatic.net
18 an.yandex.ru 2 redirects www.kufar.by
yastatic.net
an.yandex.ru
15 match.adsrvr.org 8 redirects eus.rubiconproject.com
eu-u.openx.net
ssum-sec.casalemedia.com
14 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
14 c1.adform.net 12 redirects image6.pubmatic.com
14 hintfly.com www.kufar.by
hintfly.com
14 bidder.criteo.com static.criteo.net
hb.adpone.com
13 gum.criteo.com static.criteo.net
13 secure.adnxs.com 12 redirects content.kufar.by
13 sync.mathtag.com 13 redirects
12 acdn.adnxs.com hb.adpone.com
12 fastlane.rubiconproject.com hb.adpone.com
12 adpone-d.openx.net hb.adpone.com
12 hbopenbid.pubmatic.com hb.adpone.com
12 adx.adform.net hb.adpone.com
12 htlb.casalemedia.com hb.adpone.com
12 prg.smartadserver.com hb.adpone.com
12 hb.adpone.com hintfly.com
12 yams.kufar.by www.kufar.by
11 dsum.casalemedia.com ssum-sec.casalemedia.com
11 pixel.quantserve.com 7 redirects ssum-sec.casalemedia.com
11 sync-tm.everesttech.net 11 redirects
11 www.google.com 3 redirects www.kufar.by
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.kufar.by
cdn.ampproject.org
tpc.googlesyndication.com
11 ads.betweendigital.com 3 redirects yastatic.net
www.kufar.by
eus.rubiconproject.com
11 yastatic.net www.kufar.by
yastatic.net
an.yandex.ru
10 pixel-sync.sitescout.com 10 redirects
10 www.google.de www.kufar.by
9 pixel.tapad.com 6 redirects image6.pubmatic.com
9 um.simpli.fi 6 redirects ads.pubmatic.com
image6.pubmatic.com
8 ups.analytics.yahoo.com 6 redirects eu-u.openx.net
8 pr-bh.ybp.yahoo.com 1 redirects eu-u.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
8 sync.bumlam.com 8 redirects
8 googleads.g.doubleclick.net 2 redirects www.googleadservices.com
www.kufar.by
7 p.rfihub.com 7 redirects
7 sync.1rx.io 5 redirects eu-u.openx.net
7 bh.contextweb.com 7 redirects
7 securepubads.g.doubleclick.net www.kufar.by
securepubads.g.doubleclick.net
www.googletagservices.com
6 visitor.fiftyt.com 6 redirects
6 uipglob.semasio.net 3 redirects ads.pubmatic.com
6 d5p.de17a.com 6 redirects
6 r.scoota.co 6 redirects
6 image6.pubmatic.com ads.pubmatic.com
5 image4.pubmatic.com ads.pubmatic.com
5 cm.adgrx.com image6.pubmatic.com
ssum-sec.casalemedia.com
5 sync.ipredictive.com 5 redirects
5 green.erne.co 5 redirects
5 ad.turn.com 5 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 cis.mpianalytics.com content.kufar.by
www.kufar.by
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.kufar.by
4 casale-match.dotomi.com 4 redirects
4 ads.avads.net 4 redirects
4 ce.lijit.com 2 redirects eu-u.openx.net
4 pixel.advertising.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects eu-u.openx.net
4 rtb-csync.smartadserver.com 4 redirects
4 pixel.rubiconproject.com eus.rubiconproject.com
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 sync3.adsniper.ru 4 redirects
4 vk.com www.kufar.by
4 www.googleadservices.com 2 redirects www.googletagmanager.com
yastatic.net
4 gaby.hit.gemius.pl 1 redirects www.kufar.by
gaby.hit.gemius.pl
3 simage4.pubmatic.com ads.pubmatic.com
3 loadm.exelator.com 3 redirects
3 match.deepintent.com ssum-sec.casalemedia.com
3 rtb.gumgum.com 3 redirects
3 ads.playground.xyz 3 redirects
3 pubmatic-match.dotomi.com ads.pubmatic.com
3 match.adsby.bidtheatre.com 3 redirects
3 aud.pubmatic.com ads.pubmatic.com
3 match.taboola.com image6.pubmatic.com
3 trc.taboola.com 3 redirects
3 s.tribalfusion.com image6.pubmatic.com
3 a.tribalfusion.com 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 dis.criteo.com image6.pubmatic.com
3 pm.w55c.net 3 redirects ssum-sec.casalemedia.com
image6.pubmatic.com
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 s.yimg.com pr.ybp.yahoo.com
hintfly.com
3 storage.mds.yandex.net yastatic.net
www.kufar.by
3 fonts.gstatic.com fonts.googleapis.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 top-fwz1.mail.ru www.kufar.by
top-fwz1.mail.ru
2 pool.admedo.com 2 redirects
2 match.bnmla.com image6.pubmatic.com
2 sync.targeting.unrulymedia.com 1 redirects image6.pubmatic.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 ads.avct.cloud 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 ad4m.at ssum-sec.casalemedia.com
2 sync.extend.tv 2 redirects
2 bttrack.com ssum-sec.casalemedia.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 sync.teads.tv eu-u.openx.net
2 ad.yieldlab.net eu-u.openx.net
2 j.mrpdata.net eu-u.openx.net
2 gu.dyntrk.com eu-u.openx.net
ssum-sec.casalemedia.com
2 tr.blismedia.com eu-u.openx.net
2 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
2 pixel.onaudience.com 2 redirects
2 rtb.openx.net 1 redirects eu-u.openx.net
2 www.tns-counter.ru 1 redirects
2 sync.1dmp.io 1 redirects
2 x01.aidata.io 2 redirects
2 a.sportradarserving.com 2 redirects
2 collector.mpianalytics.com content.kufar.by
2 api.houston.advgo.net content.kufar.by
2 ap.lijit.com 2 redirects
2 px.adhigh.net 2 redirects
2 www.googletagservices.com securepubads.g.doubleclick.net
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 avatars.mds.yandex.net www.kufar.by
2 www.facebook.com 1 redirects www.kufar.by
2 cre-api.kufar.by content.kufar.by
2 matchid.adfox.yandex.ru yastatic.net
2 connect.facebook.net www.kufar.by
connect.facebook.net
2 www.googletagmanager.com www.kufar.by
www.googletagmanager.com
2 api.mindbox.ru www.kufar.by
api.mindbox.ru
1 nep.advangelists.com 1 redirects
1 csync.loopme.me eu-u.openx.net
1 rtb.adentifi.com eu-u.openx.net
ssum-sec.casalemedia.com
1 public-prod-dspcookiematching.dmxleo.com
1 match.justpremium.com eu-u.openx.net
1 openx2-match.dotomi.com eu-u.openx.net
1 api.rees46.com
1 ads.yahoo.com eus.rubiconproject.com
1 id.rlcdn.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 yandex.ru yastatic.net
1 ysa-static.passport.yandex.ru www.kufar.by
1 ox-delivery-prod-europe-west1.openx.net hb.adpone.com
1 pr.ybp.yahoo.com hb.adpone.com
1 sync3.sniperlog.ru 1 redirects
1 cx.atdmt.com www.kufar.by
1 cache.betweendigital.com ads.betweendigital.com
1 vars.hotjar.com static.hotjar.com
1 2656fe73d84fbbcc24348772dbb955be.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ch securepubads.g.doubleclick.net
1 adfox-c2s-ams.creativecdn.com yastatic.net
1 script.hotjar.com static.hotjar.com
1 analytics.google.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.kufar.by
1 www.dba.dk-online-pay.online 1 redirects
0 cm.ctnsnet.com Failed ssum-sec.casalemedia.com
0 ums.acuityplatform.com Failed ssum-sec.casalemedia.com
0 beacon.lynx.cognitivlabs.com Failed ssum-sec.casalemedia.com
0 d.adroll.com Failed ssum-sec.casalemedia.com
0 dmp.brand-display.com Failed ssum-sec.casalemedia.com
0 ads.stickyadstv.com Failed ssum-sec.casalemedia.com
0 onetag-sys.com Failed cache.betweendigital.com
0 bcp.crwdcntrl.net Failed ssum-sec.casalemedia.com
0 px.owneriq.net Failed ssum-sec.casalemedia.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 s.amazon-adsystem.com Failed ssum-sec.casalemedia.com
0 ads.creative-serving.com Failed ads.pubmatic.com
813 173
Subject Issuer Validity Valid
*.kufar.by
Sectigo RSA Domain Validation Secure Server CA		 2019-10-02 -
2021-10-02		 2 years crt.sh
*.yastatic.net
Yandex CA		 2021-03-03 -
2021-09-01		 6 months crt.sh
bs.yandex.ru
Yandex CA		 2020-12-17 -
2021-06-17		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.mindbox.ru
Thawte RSA CA 2018		 2020-02-10 -
2021-04-10		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2019-09-11 -
2021-09-24		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
matchid.adfox.yandex.ru
Yandex CA		 2020-09-29 -
2021-03-24		 6 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018		 2019-01-11 -
2021-04-11		 2 years crt.sh
cre-api.kufar.by
R3		 2021-02-08 -
2021-05-09		 3 months crt.sh
cis.mpianalytics.com
Amazon		 2020-12-04 -
2022-01-02		 a year crt.sh
*.google.ch
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
yams.kufar.by
Amazon		 2020-10-28 -
2021-11-27		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.avatars.mds.yandex.net
Yandex CA		 2021-03-12 -
2021-09-10		 6 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
hintfly.com
Amazon		 2020-04-30 -
2021-05-30		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-08 -
2022-02-05		 2 years crt.sh
api.houston.advgo.net
R3		 2021-02-17 -
2021-05-18		 3 months crt.sh
collector.mpianalytics.com
Amazon		 2020-12-30 -
2022-01-28		 a year crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2021-01-29 -
2021-04-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-11 -
2021-07-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-21 -
2021-04-06		 a month crt.sh
*.storage.yandex.net
Yandex CA		 2021-03-12 -
2021-09-10		 6 months crt.sh
ysa-static.passport.yandex.net
Yandex CA		 2021-03-15 -
2021-09-13		 6 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
Yandex CA		 2020-10-01 -
2021-04-01		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
sync.1dmp.io
R3		 2021-01-21 -
2021-04-21		 3 months crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2020-11-10 -
2021-12-12		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
api.rees46.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2021-02-16 -
2021-05-17		 3 months crt.sh
tr.blismedia.com
GTS CA 1D2		 2021-03-03 -
2021-06-01		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
gu.dyntrk.com
R3		 2021-02-09 -
2021-05-10		 3 months crt.sh
*.mrpdata.net
Amazon		 2020-12-04 -
2022-01-02		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2021-03-09 -
2022-03-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-24 -
2021-04-20		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
loopme.me
R3		 2021-03-13 -
2021-06-11		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-19 -
2021-04-13		 2 years crt.sh
um3.eqads.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh

This page contains 150 frames:

Primary Page: https://www.kufar.by/listings
Frame ID: A23F0973FF64494418432C9E8331BB15
Requests: 163 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: B1A68800402B519ECFC2BEFC6020C635
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 7B00AFF149E8CEBD03DF1682925924EC
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO_5I26qL19M9D3W5bgDfOPpO5RA3KrKVsn2C2NrRCKt9E4Njlfbaax1iizjLZcMZ1U1eKp7NALdarxT-6flQeob34DmZZOpMHSHiJlv2zuCrXiU47rgX1iDBFkAsOHAzYGbK5_ntlX4MGlddBWNkSMAmIC3SUE-HJSLlSa1Pz-x89Fn8bSpgRbYmE1iFdqwjFFyhZrBHRGSw0geqbM6ktptEa9UFIJF6Hafdcnui2EuFSQQaAQvStwhdm4orlPAcnYyw9o9TKevnhdFW97GSQ4TTmhRQDPddMKfmc08X2NfJ6eoP3WP61GFfYktFbvaDrhmCee3MsBjp_cw&sig=Cg0ArKJSzATJrqW-tBZvEAE&urlfix=1&adurl=
Frame ID: 60EACED6C80A42972FE8540EED77F7F7
Requests: 6 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=69291ac4-30b5-514d-9155-0342f1067890&CACHEBUSTER=374972
Frame ID: 04D429D496DC8226AEC329CDC224C55A
Requests: 7 HTTP requests in this frame

Frame: https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=bf015d70a3a80b28dcfcaab0028c62888&cb=8512311616083925335
Frame ID: 486C1FF90F3BCDE43F41074523205029
Requests: 12 HTTP requests in this frame

Frame: https://hintfly.com/usync?i=ru2f6xrns6cv15e4g0d&a=6b2026d8113c11f7a3bffd30bb4cd5ee3&cb=7599521616083925339
Frame ID: B2643735DBD3D6124FEA27F35035D236
Requests: 12 HTTP requests in this frame

Frame: https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=4ed6eeb336911afb06f562c641e1127f3&cb=5646731616083925362
Frame ID: 7693778C454ECBD8833FEF9E53350A7E
Requests: 12 HTTP requests in this frame

Frame: https://hintfly.com/count?i=ru2f6xrns6cv15e4g0d&a=7e9062b3199e9fdcd0b17ad4378abf223&cb=2483901616083925374
Frame ID: CBD63EE928086AEB2EBB723354B36069
Requests: 12 HTTP requests in this frame

Frame: https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=0985d75b167cb55355af6f666d6421e43&cb=6062091616083925385
Frame ID: 9F03127E1689DF6234B86C1F651C7B1A
Requests: 12 HTTP requests in this frame

Frame: https://hintfly.com/send?i=ru2f6xrns6cv15e4g0d&a=b571a97c9be7d1867fcf8fa73d68bfca3&cb=4031341616083925392
Frame ID: 263D47033CFB593AB8486637202BADF0
Requests: 12 HTTP requests in this frame

Frame: https://hintfly.com/usync?i=ru2f6xrns6cv15e4g0d&a=7a89c712839bf07b617492706c3ce4471&cb=7801551616083925403
Frame ID: 3937FAFB891A9589FC6F33928933BF41
Requests: 12 HTTP requests in this frame

Frame: https://hintfly.com/stat?i=ru2f6xrns6cv15e4g0d&a=739f72dbfc796f625f351130631a79b57&cb=8666291616083925415
Frame ID: 12B1F2CD943202711EC1FAED584B767E
Requests: 12 HTTP requests in this frame

Frame: https://hintfly.com/usync?i=ru2f6xrns6cv15e4g0d&a=97e08cdfa385d8be07928af674b97c139&cb=9263891616083925422
Frame ID: FC915617C41C630E39345EE7B5CC383E
Requests: 12 HTTP requests in this frame

Frame: https://hintfly.com/syncro?i=ru2f6xrns6cv15e4g0d&a=83064ecd2103e9f1086580d44f903b249&cb=5940071616083925428
Frame ID: FBEF3502B7D4FD1E0AC9F7C2208BE3F0
Requests: 12 HTTP requests in this frame

Frame: https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=4ee4dc933a02730c4861ea207900c3f39&cb=3388011616083925434
Frame ID: B5AF08883AB0114C4F404AFC51F1304D
Requests: 12 HTTP requests in this frame

Frame: https://hintfly.com/send?i=ru2f6xrns6cv15e4g0d&a=fb0672391895c0aae1e7aa0e53cc74483&cb=1999531616083925465
Frame ID: 80AEC60063DA0311566BEC78A65B46D2
Requests: 12 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
Frame ID: 903308141AAF66A0055AF26DC5F24A62
Requests: 24 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.80/1-1-0/protected/render.html
Frame ID: 385898954B338A37DAED32E06243D27B
Requests: 4 HTTP requests in this frame

Frame: https://pr.ybp.yahoo.com/ab/secure/true/imp/73P9MpCeQUsdEQxqEZPLOCcax6LRqlTzLmF6IF1LnfaU1JIIJaGzggrIWKTO1crQ5Azv-KW9nXxfPaAs7Wh9OPqJ5YFHUXozLzzSx1bhXv6VeRjNXIyzSw1q6VO6Z8eqrfmTKtU3Wz-7tAaPsNdqu_14TnG3C2Ih2mm28X8O8KSoQ97KS67fVXX2GO-VsyFnkAO_1uuWgb2_b27IbcVJKPdNevSvwBk3JNAIcdVtqfB8zKgIZ2_ApZHDhPjzhyG96JRT3GoHpyap2IX9d236yUlL8a4RxiU_VKVZEOp12K6ewnaD5HI9vwbxE8Lzx13zCL7hprW42qykRAd9X0xTR2OR89nx_wVxr6c7TiurTZC-fPgbgCQKSvYRRI08619NTMCOWE1Jzt1F1n56UpjXIffrvwzmqfFxHt95uQljy6ma2f96IVUSHuPfmIMsu2gxi0Jf9LSvokkXNg1mJd5SbmXBYKToegy5dhS5AQvaRuPLRxFi1ZFiN-lHh3-7MCdaUjsoQlWhq2m2HRCUC8F70jKuCz2tLj4la9FNxGfXE6hqHr-iMXOBSEtpln0uVMihIqaPnRFmFs9dZ4yFoVugy-vwYxfpunjGxWilhkRBSaPTJEjXwQFOhV04ugiuaEAdkeop3DRYJhaiCPU8sxv9Pd62YI9yNEH3RdbuJsJfthn_1ZeoYWYwRlLsmPoIX9-KdUxllJOZtEu5d_RXTXmcPn3PRxriCAhMwTdxw3vaMRiQlEKoF2A4MikPTEK6672QK9k5pi-aoJIOwygMp1IwdngMFiySYkTIqYIHo84dZQwe6WGM6DEnC0iT60F49EW3qm8kg9GL9gSUVOdZQ8o-V0lUb5KKne1x1gaUvxNPXeXJExndOTfB6G80DweJYFyCWtDCdgM7D01z76ZIBX0JTqDtfaMQGuGyd9dnW50pyc_sMp_3Ts0obywUl_mfON41-l-e-1VaJK8P9_J-JDeAxmyO8SlVZzPEGAfDNQ1i2pk8uThlVm9bTiEXaS5F_QYR8EFeh89YpyytlXlSxPjcP6dxAD6xPB2DKTSrOQMGvsbGtj5GtxU0XKjYRFCsFW7TrbwkwZlG12R6lXXMDCylcf4VcMbA-2DH1FOjaPeBoayIM_XI1qWGg9MM7J2yp8ythaP3XgEPs4GFFTzEcWmqbxXdzZlnH2dT-PAmrK_zn0Vdc0nUSzaghs2XbwQafHTKvkXr3LyPZ45rRsYR_TrUi2Hw47siW3EupDMTuaw7sHWYPDaP3tbHtylI4qXPpC-KvahaTCzAEYeEXFAQ9tP0nTyU3_-8Tk4z74X38Y8PCUE3eZY-8K00bwpcltqvipquwBojo1-Z-rGhONoQXB8VHYmBj6yr63iOul5uq4LFWiuBasizqObtyg0fOAJ64_K1dagHvNLEXodeuWSZs3zP4Lfb1uAeTYvawe2P4RZu5RZebnI2xDtNZL5s40N38kvN/wp/AAABeEYbwNZ-yDGMFHFj0zZI1iR3uLfzyxFeWQ
Frame ID: 529293BED4E07B93FC7EAC12C4740373
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: A2461E45788DD9667557372333807F64
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: F7D6BCC60CFBE6212C1D3B83A3CFA807
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 65D3C3B94108262865F451139BE303D8
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3A86E1D2E1F5CFC3BB7C67FCE653036D
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: A391FC42C739D4917D55750541DC7941
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8AB9AC982973F25C04C1C3B8550E3FEE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DFD1750ADBBAC3DFCCCCC5C53472B61A
Requests: 26 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AF7FBC37197819A113AD2B08816B1238
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AF0D8C34431F8EEAA1C4B6E57B35D007
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 37BD5BE08D6F58E4A1A3C8B0507F7C2B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D5A54DD08CE7A216D3E48ADAF0E9A1F2
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: FBFC4DC6985195DBC87CB86B9782435F
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 60B2A2C65CFFBA51C45AAF9F63A04CF4
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E3CE880FDAEE0D0B5B1A1DFFFA018E87
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 128B649E99359E7007C47B10399C56BC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2D7EAF6F5CDE02A9280BD7D461142F7B
Requests: 27 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: CBD9A33D09B64ADEC6EF5E2C45E5CE95
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1F99B25FDCA7A61E20E2A6274E66C39A
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9A6F277544E0FB58D5BC9CBDCE058913
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5BC07331CF1FFF3B4084563C775CF68B
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 97E3159A651449246F2034B5DE5B1026
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 92C920F55548A1C05D0483A5A2205423
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D22A677C49A7FF4057647369E4FC1E92
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 8C6ED687032D45039A8F3B33688F7604
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3F1ACF45043863FDB86AB08E9D2E9C38
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DE3AE3C00937608C5407D6F65D1244DB
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B358593D25BF41633788E884C396E5EE
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FF193A0F8287FF8D874F4C427B21A8E0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0BB695A0621E3016E63D5DC4E806D363
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8FED8948895B88152F529A1F85AC10BF
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3FA3286C9EEAF130F81E0157C8442FB0
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 9E65C3135E61A9BE733E981AB349A404
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D06285EB57754E8E56E4ECC2832348DF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5F1E11B06C0A912B79C35009D0380CCF
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0C5700F7D72ED69806EEFFADC5237F0D
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 5E8C17319E63931E99BD682EE4349CEB
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4DBE6C72E0CD6D6B84199B5C0E4CB7B4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7E1FF54C24FFF21C6D40A120B51CC570
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1AFB031283A53A0082E6F5434D9EB231
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E2070EC31BCB72006F9DE620BFECFAF1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 81706B6FA27D9DD6908A40EFAE68C878
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E443CA4D6BDE6A66BC3DB2D384958779
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 592E35B7CCCD16138B63871DF8A6B58D
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E70B07ECB8F8EFAB94635D9E8A0FF73F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6C0950FE953C02A3C2BB4F0202BDBAAF
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 84758FC840DB827946ABD92B2F05E211
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7E51BB4788545F4BA20E1E675F175B0A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E60189160EEDD53A555499689FE94B41
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7CE0D76A3095F1459EC187ED4D8AED49
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6EBA631324E274468E75605BF79FF9BB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A2C9E424F0A5BC3388CD6CB5CEEF6632
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: DD21F4A1661290A6FDB6E9E75676F001
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E9B240700F94D074429672DCEA0D7AAD
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FBAADBF188FE8C11E446EC6377F7E8CE
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 95CA26088BB0A945B3A77A455DF56D7F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D603DC3CEDC18D472E6C2EDAFC31605E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 80E99529B27E61BC3DF516275F0B9E70
Requests: 27 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 67775EF3F8DFC150FAE1E02A1E93ED2F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 215C6EA315966A1208A000C5A836B67D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 60716D010C65B17C331D4A7BFD52D06E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B13BF36D7D1609D2CEC2964DEB183F23
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2CB284A59C36CB55A5D0204F0A02F445
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: A68F1F1362AB266A942C870B75505832
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6FE1F6257D84239B41BCC23790FDCDED
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 5E7F059620B4742B9D3FFA6F39D3F0B9
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5A8C9214C5E53F7707B4FED6FC227F53
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BB54316D4ABB2E026075503D99DA298C
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: 982BFFFA6A8FE00D67234C4A888F54BE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: D98F5B9C38DB697ABAB8814CD1667A52
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E19C658A9E5393719723A285DBBF11A3
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 061CAB3473AD0DDF4D0EBFC9157F6BFD
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: BC825FC3599AFF3625EC4D41D85D9390
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: FEE4694B7F863B4E2E315D8881A2E18D
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B616C61E1C10FBDA85680F4C24662717
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: 635998ECD2831FE0ED6ECEDA10CEB7E8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AF8CE9552C1A434F48AD131970C95BF9
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: 70F0918C05DF4F176A6A25592D1AAD07
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 05366694F87AC88789020E9707E25D21
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: 013353E0EDFAD6FD78AC779371030FD7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: A7CB59331A1B0EEDD96260C9B6EAFFD7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: 42F5D57B45F0EE0A2C55F4FD314D2AFA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5D8DDF87193BE5F24F838648D4CD1C9E
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: 291F249D6A5662F827793C28AC2AF833
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: F28189C60C633D6E15F241EF11A83541
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: DB2050BF185F6844D63FF128D48F521E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0C1DAD8B792360ECD338D263069816EC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5054081296408971009
Frame ID: 4E9D42A3464767453DF979D9B2AA90A6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNgU7ApvgAABDqtGVPVA
Frame ID: 7BA67BE65C9D9A5F303B0A0E7C18A585
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027635553695893
Frame ID: 1226E23255CA1CA61C82C0653B877D63
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B528B5E3FDD46EDF62AA4D20E2DF7D78
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=AHEkt253nW7jaCcqrhRlWfiM
Frame ID: 44649B0F96EEF139B282EA878C48BA2C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 8B03565D271042F115D24ED5650A7352
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=hOtmb40VcEcI&pid=557219
Frame ID: 43B7D6C601D0D327E971F59A6CBFDD69
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b61732e-1fd5-4c4c-9904-0a6a033c5593-tuct74d015c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 196069838AC01EB2688175782F44C10E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 304E1EB38C5D97D2FCFCBD30BE76254B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:cjRQy0iI1LmVfR5&gdpr=0&gdpr_consent=
Frame ID: 73144C1DBDE32E9C13B7D0705F3A1295
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 78CD5ED97DA312E8078AC6B2568409AB
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Frame ID: C364F9F15E48220858CE6DB5BC02BDDA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: EB74F4AC845007EF08FF260C9BE27319
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: E285B78754034033943F0ACD12CC1E27
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE
Frame ID: 68740A12F18AD48B0614AA0AA9409683
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-3f5b5415-c20f-47c3-9b52-78c61f77ce3f-003
Frame ID: B9CDC06EC408EFD880609C6A25E163D8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A879CDB586B94BEAAC102537876D4153
Frame ID: 9F877D2D73CCBF8E186E78EC91635994
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: DB68DF20BD40B4A5855ACBE6A69AAFD7
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 21B42341AB6701B95EA966C3BF06F696
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8940458915196540459
Frame ID: D29FD83DDC2D155DDEB831049CFCB6BD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE5b07ApvgAABCicWKNLQ
Frame ID: 7635FC854031027B2C846BF2AA1B8339
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027657016408215
Frame ID: 9184FB1D8D0877D3DDD89FB7D869D0B1
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 695B86308A53D9C90C4F66BEEAC1BAEB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3Q04a26aTQ017pbU7abYWfiM
Frame ID: 81A347FC4748FED51DFE39511469F249
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3FD3458BEA4E33B3B25C8F4349FDEBF9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=ooC02OLvVRmV&pid=557219
Frame ID: D2E9FFAC1E1161D92008D73CAAC490AD
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d4386bec-1301-466c-a056-5fda50214b52-tuct74d0161&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 2439FEC702A2ED9A12666EF1BA89726C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: EFDF6F99A4C041004D626B0EC35B3887
Requests: 1 HTTP requests in this frame

Frame: https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
Frame ID: 3EFE89C980AA330FB96347CBEC1A7EED
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 04D9C6AAA07B1BDCE6B80E57B2ED27EF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8940458915196540459
Frame ID: C9782B681E68366B123587A1646BBF3B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADzjE7ApvgAABCIhdZMLg
Frame ID: A99089D76152AF1FF31353D7B84DE664
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027661322254487
Frame ID: 20B44ED89DABD3BB454BF9C7AA51D9F7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 939CFCE972ABFA831C51EC6505EC9D2F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3Q04a26aTQ017pbU7abYWfiM
Frame ID: D3CD1E53D923006534F81C0511FB337C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 820B3CD96BF4D54B3A7547B44CE71993
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=rp973uyIHoI8&pid=557219
Frame ID: 0192E0260DBFED1CF5B6CC927B3AFE64
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e098bca1-4094-43ca-b3f3-e4405fbe5f1f-tuct74d0162&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: B873A87839083017A0CE5EE66057D25B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 37E2A9704018FEF7DE462474044DA1CA
Requests: 1 HTTP requests in this frame

Frame: https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
Frame ID: 1E719933232787C2EE705AB8A654D710
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=60C97486-3F71-44C3-803B-BCA690ADDAEF
Frame ID: 1340D872C816A9F689E6E418AB3C30C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-92454d04-77d7-4993-b222-9fc20163b137-003
Frame ID: C3530393816BDB4F39487BD52204D7EA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E093CFA0BCB4C1E8C0B0FD40740E509
Frame ID: C0E1CAD0470B505F8336317B54F38380
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: F4A40089895FE993A282DEA56D842785
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.dba.dk-online-pay.online/ HTTP 302
    https://www.kufar.by/listings Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

813
Requests

95 %
HTTPS

30 %
IPv6

119
Domains

173
Subdomains

109
IPs

12
Countries

6069 kB
Transfer

18100 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.dba.dk-online-pay.online/ HTTP 302
    https://www.kufar.by/listings Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://ads.betweendigital.com/sspmatch-js?p=43236&randsalt=4738170687 HTTP 302
  • https://ads.betweendigital.com/sspmatch-js?p=43236&randsalt=4738170687&crf=1
Request Chain 74
  • https://mc.yandex.ru/watch/19426846?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1932%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A1518729547175%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171202%3Aet%3A1616083923%3Ac%3A1%3Arn%3A237891163%3Au%3A1616083923488741529%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616083920390%3Awv%3A2%3Ads%3A12%2C225%2C589%2C275%2C269%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A11%2C226%2C589%2C274%2C268%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616083923%3At%3A%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8 HTTP 302
  • https://mc.yandex.ru/watch/19426846/1?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1932%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A1518729547175%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171202%3Aet%3A1616083923%3Ac%3A1%3Arn%3A237891163%3Au%3A1616083923488741529%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616083920390%3Awv%3A2%3Ads%3A12%2C225%2C589%2C275%2C269%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A11%2C226%2C589%2C274%2C268%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616083923%3At%3A%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8
Request Chain 103
  • https://gaby.hit.gemius.pl/_1616083924006/rexdot.js?l=100&id=AptFzSd84dPcQry7ocSwJJPa71x68QN6E7OWEwcM7oT.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.kufar.by%2Flistings&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Yu5gAEhzkXmuzR1rfeg.2jFSC9D1G0rDSqMYkgFDHLD.Q7&vis=1 HTTP 301
  • https://gaby.hit.gemius.pl/__/_1616083924006/rexdot.js?l=100&id=AptFzSd84dPcQry7ocSwJJPa71x68QN6E7OWEwcM7oT.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.kufar.by%2Flistings&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Yu5gAEhzkXmuzR1rfeg.2jFSC9D1G0rDSqMYkgFDHLD.Q7&vis=1
Request Chain 146
  • https://an.yandex.ru/adfox/274487/getBulk/v2?dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.961%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=1425830529&pr=3487601758&prr=&pv=17&pw=4&extid_loader=&extid_tag_loader=www.kufar.by&ylv=0.3051&ybv=0.3050&ytt=550855331285013&is-turbo=0&skip-token=&ad-session-id=7252771616083922389&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A994%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=Sso4smXS82miyThDZvEaLk_HE3707ErlIwrmdWa9-oJZA44XTdY5EBaQxGmzszIRxcQn4VYLPBXgAli70pP-sA8u9U-DP8UDuZsd_969peuEFyxxl0PJ80kRzCUANd3sC184njmlwMOGtBtwEl2O_bCXNZfn_MeOT94HKoYvv32RJgn5mX6t8g%3D%3D&matchid-cookies-sign=FXGAtXCLEz_dRlHWkbziDQ%3D%3D&puid16=0&puid17=0&puid20=10&puid30=&puid31=&puid32=N&puid34=&puid35=&puid37=&puid36=&p1=cbivx&p2=gadt&slotNumber=2&matchid-direct=1&bids=W10%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCwLiAKM9Ca0L7RgdGC0Y7QvCAKM9CU0LbQuNC90YHRiyDQtNCy0LUg0L_QsNGA0YsgOS4xMCDQu9C10YIuINCU0LXRiNC10LLQvi4gCjPQlNC20LjQvdGB0Ysg0LTQu9GPINCx0LXRgNC10LzQtdC90L3Ri9GFIERhRmV5YSDRgCA0Ni00OCAoTCkgCjPQodGC0YPQuyAKM9Cb0L7RgiDQv9C-0LPRgNC10LzRg9GI0LXQuiwg0L_RgNC-0YDQtdC30L7QstCw0YLQtdC70Lgs0L3QsCDQutC-0LvRj9GB0LrRgyzQvdCwINGB0YLQvtC70LjQuiAKM9Ch0LzQtdGB0LjRgtC10LvRjCDQutGD0YXQvtC90L3Ri9C5INCd0J7QktCr0Jkg0L3QsCDQs9Cw0YDQsNC90YLQuNC4IAoz0JTRgNC10LvRjCDRg9C00LDRgNC90LDRjyBQUk9DUkFGVCBHRVJNQU5ZIAoz0KLQtdGC0YDQsNC00Ywg0KXQuNC80LjRjyA5INC60LvQsNGB0YEgCjPQp9C10YjRgdC60LjQuSDQtNC-0LzQuNC90LDQvdGC&utf8=%E2%9C%93 HTTP 302
  • https://an.yandex.ru/adfox/274487/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.961%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=1425830529&pr=3487601758&prr=&pv=17&pw=4&extid_loader=&extid_tag_loader=www.kufar.by&ylv=0.3051&ybv=0.3050&ytt=550855331285013&is-turbo=0&skip-token=&ad-session-id=7252771616083922389&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A994%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=Sso4smXS82miyThDZvEaLk_HE3707ErlIwrmdWa9-oJZA44XTdY5EBaQxGmzszIRxcQn4VYLPBXgAli70pP-sA8u9U-DP8UDuZsd_969peuEFyxxl0PJ80kRzCUANd3sC184njmlwMOGtBtwEl2O_bCXNZfn_MeOT94HKoYvv32RJgn5mX6t8g%3D%3D&matchid-cookies-sign=FXGAtXCLEz_dRlHWkbziDQ%3D%3D&puid16=0&puid17=0&puid20=10&puid30=&puid31=&puid32=N&puid34=&puid35=&puid37=&puid36=&p1=cbivx&p2=gadt&slotNumber=2&matchid-direct=1&bids=W10%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCwLiAKM9Ca0L7RgdGC0Y7QvCAKM9CU0LbQuNC90YHRiyDQtNCy0LUg0L_QsNGA0YsgOS4xMCDQu9C10YIuINCU0LXRiNC10LLQvi4gCjPQlNC20LjQvdGB0Ysg0LTQu9GPINCx0LXRgNC10LzQtdC90L3Ri9GFIERhRmV5YSDRgCA0Ni00OCAoTCkgCjPQodGC0YPQuyAKM9Cb0L7RgiDQv9C-0LPRgNC10LzRg9GI0LXQuiwg0L_RgNC-0YDQtdC30L7QstCw0YLQtdC70Lgs0L3QsCDQutC-0LvRj9GB0LrRgyzQvdCwINGB0YLQvtC70LjQuiAKM9Ch0LzQtdGB0LjRgtC10LvRjCDQutGD0YXQvtC90L3Ri9C5INCd0J7QktCr0Jkg0L3QsCDQs9Cw0YDQsNC90YLQuNC4IAoz0JTRgNC10LvRjCDRg9C00LDRgNC90LDRjyBQUk9DUkFGVCBHRVJNQU5ZIAoz0KLQtdGC0YDQsNC00Ywg0KXQuNC80LjRjyA5INC60LvQsNGB0YEgCjPQp9C10YjRgdC60LjQuSDQtNC-0LzQuNC90LDQvdGC&utf8=%E2%9C%93
Request Chain 147
  • https://an.yandex.ru/adfox/274487/getBulk/v2?dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.988%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=969046527&pr=3487601758&prr=&pv=17&pw=4&extid_loader=&extid_tag_loader=www.kufar.by&ylv=0.3051&ybv=0.3050&ytt=550855331285013&is-turbo=0&skip-token=&ad-session-id=7252771616083922389&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A994%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=Sso4smXS82miyThDZvEaLk_HE3707ErlIwrmdWa9-oJZA44XTdY5EBaQxGmzszIRxcQn4VYLPBXgAli70pP-sA8u9U-DP8UDuZsd_969peuEFyxxl0PJ80kRzCUANd3sC184njmlwMOGtBtwEl2O_bCXNZfn_MeOT94HKoYvv32RJgn5mX6t8g%3D%3D&matchid-cookies-sign=FXGAtXCLEz_dRlHWkbziDQ%3D%3D&puid16=0&puid17=0&puid20=10&puid30=&puid31=&puid32=N&puid34=&puid35=&puid37=&puid36=&p1=cdehi&p2=gadt&slotNumber=3&matchid-direct=1&bids=W10%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCwLiAKM9Ca0L7RgdGC0Y7QvCAKM9CU0LbQuNC90YHRiyDQtNCy0LUg0L_QsNGA0YsgOS4xMCDQu9C10YIuINCU0LXRiNC10LLQvi4gCjPQlNC20LjQvdGB0Ysg0LTQu9GPINCx0LXRgNC10LzQtdC90L3Ri9GFIERhRmV5YSDRgCA0Ni00OCAoTCkgCjPQodGC0YPQuyAKM9Cb0L7RgiDQv9C-0LPRgNC10LzRg9GI0LXQuiwg0L_RgNC-0YDQtdC30L7QstCw0YLQtdC70Lgs0L3QsCDQutC-0LvRj9GB0LrRgyzQvdCwINGB0YLQvtC70LjQuiAKM9Ch0LzQtdGB0LjRgtC10LvRjCDQutGD0YXQvtC90L3Ri9C5INCd0J7QktCr0Jkg0L3QsCDQs9Cw0YDQsNC90YLQuNC4IAoz0JTRgNC10LvRjCDRg9C00LDRgNC90LDRjyBQUk9DUkFGVCBHRVJNQU5ZIAoz0KLQtdGC0YDQsNC00Ywg0KXQuNC80LjRjyA5INC60LvQsNGB0YEgCjPQp9C10YjRgdC60LjQuSDQtNC-0LzQuNC90LDQvdGC&utf8=%E2%9C%93 HTTP 302
  • https://an.yandex.ru/adfox/274487/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.988%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=969046527&pr=3487601758&prr=&pv=17&pw=4&extid_loader=&extid_tag_loader=www.kufar.by&ylv=0.3051&ybv=0.3050&ytt=550855331285013&is-turbo=0&skip-token=&ad-session-id=7252771616083922389&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A994%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=Sso4smXS82miyThDZvEaLk_HE3707ErlIwrmdWa9-oJZA44XTdY5EBaQxGmzszIRxcQn4VYLPBXgAli70pP-sA8u9U-DP8UDuZsd_969peuEFyxxl0PJ80kRzCUANd3sC184njmlwMOGtBtwEl2O_bCXNZfn_MeOT94HKoYvv32RJgn5mX6t8g%3D%3D&matchid-cookies-sign=FXGAtXCLEz_dRlHWkbziDQ%3D%3D&puid16=0&puid17=0&puid20=10&puid30=&puid31=&puid32=N&puid34=&puid35=&puid37=&puid36=&p1=cdehi&p2=gadt&slotNumber=3&matchid-direct=1&bids=W10%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCwLiAKM9Ca0L7RgdGC0Y7QvCAKM9CU0LbQuNC90YHRiyDQtNCy0LUg0L_QsNGA0YsgOS4xMCDQu9C10YIuINCU0LXRiNC10LLQvi4gCjPQlNC20LjQvdGB0Ysg0LTQu9GPINCx0LXRgNC10LzQtdC90L3Ri9GFIERhRmV5YSDRgCA0Ni00OCAoTCkgCjPQodGC0YPQuyAKM9Cb0L7RgiDQv9C-0LPRgNC10LzRg9GI0LXQuiwg0L_RgNC-0YDQtdC30L7QstCw0YLQtdC70Lgs0L3QsCDQutC-0LvRj9GB0LrRgyzQvdCwINGB0YLQvtC70LjQuiAKM9Ch0LzQtdGB0LjRgtC10LvRjCDQutGD0YXQvtC90L3Ri9C5INCd0J7QktCr0Jkg0L3QsCDQs9Cw0YDQsNC90YLQuNC4IAoz0JTRgNC10LvRjCDRg9C00LDRgNC90LDRjyBQUk9DUkFGVCBHRVJNQU5ZIAoz0KLQtdGC0YDQsNC00Ywg0KXQuNC80LjRjyA5INC60LvQsNGB0YEgCjPQp9C10YjRgdC60LjQuSDQtNC-0LzQuNC90LDQvdGC&utf8=%E2%9C%93
Request Chain 152
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D74c70018-5682-478e-81d4-85d34abe637d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=8f986053-7bd5-4c00-8c3b-95ccc983b619&expires=30&ssp=between&bsw_param=74c70018-5682-478e-81d4-85d34abe637d HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=74c70018-5682-478e-81d4-85d34abe637d
Request Chain 153
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=DM7Q7fpi1G.AikABlF4Rhu43w
Request Chain 154
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=850edc836088f184f0e2d76d HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=850edc836088f184f0e2d76d&crf=1
Request Chain 155
  • https://sync.bumlam.com/?src=bw1&uid=69291ac4-30b5-514d-9155-0342f1067890 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjV982CBlIFvp7KygpiJDY5MjkxYWM0LTMwYjUtNTE0ZC05MTU1LTAzNDJmMTA2Nzg5MA** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjV982CBlIFvp7KygpiJDY5MjkxYWM0LTMwYjUtNTE0ZC05MTU1LTAzNDJmMTA2Nzg5MKIBEK58wGiIBBHrhuAAJZDAZHw* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjV982CBmIkNjkyOTFhYzQtMzBiNS01MTRkLTkxNTUtMDM0MmYxMDY3ODkwogEQrnzAaIgEEeuG4AAlkMBkfA** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARjV982CBmIkNjkyOTFhYzQtMzBiNS01MTRkLTkxNTUtMDM0MmYxMDY3ODkwogEQrnzAaIgEEeuG4AAlkMBkfA** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=ae7cc068-8804-11eb-86e0-002590c0647c
Request Chain 156
  • https://mc.yandex.ru/watch/357986?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A2%3Adp%3A0%3Als%3A1404781688786%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171205%3Aet%3A1616083925%3Ac%3A1%3Arn%3A994074304%3Au%3A1616083925496533539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616083920390%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616083925%3At%3A%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8 HTTP 302
  • https://mc.yandex.ru/watch/357986/1?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A2%3Adp%3A0%3Als%3A1404781688786%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171205%3Aet%3A1616083925%3Ac%3A1%3Arn%3A994074304%3Au%3A1616083925496533539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616083920390%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616083925%3At%3A%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8
Request Chain 158
  • https://secure.adnxs.com/getuid?https://cis.mpianalytics.com/api/v1/sync?ANID=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcis.mpianalytics.com%2Fapi%2Fv1%2Fsync%3FANID%3D%24UID HTTP 302
  • https://cis.mpianalytics.com/api/v1/sync?ANID=3170010058389607609
Request Chain 163
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 192
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=33357bd9-6237-4e17-b255-5916e0ff485f&ssp=between HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=74c70018-5682-478e-81d4-85d34abe637d
Request Chain 196
  • https://www.facebook.com/tr/?id=558642698030285&ev=Microdata&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&rl=&if=false&ts=1616083926186&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%22%2C%22meta%3Adescription%22%3A%22%D0%A6%D0%B5%D0%BD%D1%8B%20%D0%BD%D0%B0%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B8%20%D0%91%2F%D0%A3%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%8B%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9F%D0%BE%D0%B4%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%D0%BB%D0%B8%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B9%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%20%D0%BD%D0%B0%20Kufar.by%20-%20%D0%BA%D1%80%D1%83%D0%BF%D0%BD%D0%B5%D0%B9%D1%88%D0%B5%D0%B9%20%D0%BF%D0%BB%D0%BE%D1%89%D0%B0%D0%B4%D0%BA%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1616083924389.32725485&it=1616083922421&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=14752503481881043837&f=AYxqP_zy9k4wq8BDUxci0yRbKpR-C59beR_0qOjj0TFRgrb_raeYqi6pt5N2WeIo_KoawGFliOXJxiFfGDDLzHoY&id=558642698030285&l=3&v=0
Request Chain 277
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=ae7cc068-8804-11eb-86e0-002590c0647c HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=ae7cc068-8804-11eb-86e0-002590c0647c&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=0vXPUalO%2FwOY61ya%2F%2BtF2g& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=0vXPUalO/wOY61ya/+tF2g&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=0vXPUalO/wOY61ya/+tF2g&extra2=aidata&google_gid=CAESEJcfSudwrAnTsYt3WGh_BJo&google_cver=1 HTTP 301
  • https://sync.bumlam.com/?src=ggl&extra1=0vXPUalO/wOY61ya/+tF2g&extra2=aidata&google_gid=CAESEJcfSudwrAnTsYt3WGh_BJo&google_cver=1 HTTP 302
  • https://sync3.adsniper.ru/?src=ggl&s_data=CAEQABjY982CBlIFvaHczgZaIAoGZXh0cmExEhYwdlhQVWFsTy93T1k2MXlhLyB0RjJnWhAKBmV4dHJhMhIGYWlkYXRhYhtDQUVTRUpjZlN1ZHdyQW5Uc1l0M1dHaF9CSm9qATGIAQE* HTTP 302
  • https://sync3.adsniper.ru/?src=ggl&s_data=CAIQARjY982CBlIFvaHczgZaIAoGZXh0cmExEhYwdlhQVWFsTy93T1k2MXlhLyB0RjJnWhAKBmV4dHJhMhIGYWlkYXRhYhtDQUVTRUpjZlN1ZHdyQW5Uc1l0M1dHaF9CSm9qATGIAQGiARCwauViiAQR64bgACWQwGR8 HTTP 302
  • https://sync.bumlam.com/?src=ggl&s_data=CAIQABjY982CBlogCgZleHRyYTESFjB2WFBVYWxPL3dPWTYxeWEvIHRGMmdaEAoGZXh0cmEyEgZhaWRhdGFiG0NBRVNFSmNmU3Vkd3JBblRzWXQzV0doX0JKb2oBMYgBAaIBELBq5WKIBBHrhuAAJZDAZHw* HTTP 302
  • https://sync.bumlam.com/?src=ggl&s_data=CAIQARjY982CBlogCgZleHRyYTESFjB2WFBVYWxPL3dPWTYxeWEvIHRGMmdaEAoGZXh0cmEyEgZhaWRhdGFiG0NBRVNFSmNmU3Vkd3JBblRzWXQzV0doX0JKb2oBMYgBAaIBELBq5WKIBBHrhuAAJZDAZHw* HTTP 302
  • https://an.yandex.ru/setud/adsniper/214DC66E09B24586?sign=2844709219
Request Chain 333
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=2HtTYK-HLtDw7gO88KbICw&random=996589166&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=996589166&crd=&is_vtc=1&random=2608701098 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=996589166&crd=&is_vtc=1&random=2608701098&ipr=y
Request Chain 334
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=2HtTYOWILtXvgAeo3KSQAg&random=49581358&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=49581358&crd=&is_vtc=1&random=3034296171 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=49581358&crd=&is_vtc=1&random=3034296171&ipr=y
Request Chain 335
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kufar.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A75904365765%3Ahid%3A472620097%3Az%3A60%3Ai%3A20210318171208%3Aet%3A1616083929%3Ac%3A1%3Arn%3A324247833%3Au%3A16160839291037149413%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1616083926569%3Ads%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C852%2C1%2C1565%2C1565%2C0%2C1564%3Adsn%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C1519%2C0%2C1565%2C1565%2C0%2C1565%3Ati%3A2%3Ast%3A1616083929 HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kufar.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A75904365765%3Ahid%3A472620097%3Az%3A60%3Ai%3A20210318171208%3Aet%3A1616083929%3Ac%3A1%3Arn%3A324247833%3Au%3A16160839291037149413%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1616083926569%3Ads%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C852%2C1%2C1565%2C1565%2C0%2C1564%3Adsn%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C1519%2C0%2C1565%2C1565%2C0%2C1565%3Ati%3A2%3Ast%3A1616083929
Request Chain 349
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 357
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=KMF2N8T4-1O-8D1X HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=KMF2N8T4-1O-8D1X&crf=1
Request Chain 360
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMF2N8T4-1O-8D1X&sigv=1&esig=2~5c18e05ddf7972d9e6ff87c81ce8ce1221389fa0
Request Chain 361
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYyM2M5YWExNjI3OWIwNWZlMWM5ZjIwZTRiM2Y0ZTQxNDhiODRmZg
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOvipYOFx778WCeXsnwRwgA&google_cver=1
Request Chain 363
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YFN72gAAAKFexizr HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFN72gAAAKFexizr&_test=YFN72gAAAKFexizr
Request Chain 364
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZgzrLiqKUg4OC6MmqP5FbMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5375372207538464899
Request Chain 365
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e0916053-7bd9-4c00-9fd3-a60057a08047
Request Chain 367
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=69291ac4-30b5-514d-9155-0342f1067890 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=69291ac4-30b5-514d-9155-0342f1067890&cs=1
Request Chain 368
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/374972 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/374972
Request Chain 370
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Request Chain 443
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
Request Chain 444
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
Request Chain 445
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5555003135749739312
Request Chain 448
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
Request Chain 449
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
Request Chain 450
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
Request Chain 451
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2864180679862859658
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
Request Chain 455
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
Request Chain 456
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
Request Chain 457
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2448409221747358692
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
Request Chain 461
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 463
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 464
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 468
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4444592662612151145&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 469
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=oe7yyLhWivmeZV4hHQKiFw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 471
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=cjRQy0iI1LmVfR5
Request Chain 472
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d726480e-6421-4902-85fe-b088faf90742&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=226d76ac-1ba4-4955-bfd0-dfaba00c83be HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=226d76ac-1ba4-4955-bfd0-dfaba00c83be
Request Chain 473
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTmdVN0FwdmdBQUJEcXRHVlBWQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNgU7ApvgAABDqtGVPVA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACNgU7ApvgAABDqtGVPVA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=48109513688616035 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACNgU7ApvgAABDqtGVPVA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D48109513688616035%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=48109513688616035&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACNgU7ApvgAABDqtGVPVA&pid=558502&do=add HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACNgU7ApvgAABDqtGVPVA
Request Chain 479
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=91258967075929366
Request Chain 481
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&gdpr=0&gdpr_consent=
Request Chain 483
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFN72gAAAKFexizr
Request Chain 484
  • https://green.erne.co/openx/cm HTTP 302
  • https://pixel.onaudience.com/?mapped=AHEkt253nW7jaCcqrhRlWfiM&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DAHEkt253nW7jaCcqrhRlWfiM HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DAHEkt253nW7jaCcqrhRlWfiM HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DAHEkt253nW7jaCcqrhRlWfiM HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=c4833ae8e9ec77cebb217850800a5ed&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DAHEkt253nW7jaCcqrhRlWfiM HTTP 302
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DAHEkt253nW7jaCcqrhRlWfiM HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=AHEkt253nW7jaCcqrhRlWfiM
Request Chain 485
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=69291ac4-30b5-514d-9155-0342f1067890&expires=30 HTTP 302
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=d888dd76-2b89-4411-a7f1-d6c4295fd83b
Request Chain 499
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d&dcc=t
Request Chain 500
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=b2cf9ff2-8804-11eb-a4e9-bf7463b7e2a0
Request Chain 502
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=14EBBAE21E42474EAE9C3675ADA49C48
Request Chain 507
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d&dcc=t
Request Chain 508
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=b2d0d868-8804-11eb-ade0-a91a1c6afdd8
Request Chain 510
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=A879CDB586B94BEAAC102537876D4153
Request Chain 519
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1870471593588970511
Request Chain 520
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=b4478fbe-414d-0ad2-0886-339031759999
Request Chain 521
  • https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4 HTTP 302
  • https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&apid=UPb2aea9d3-8804-11eb-9032-029e8c18f6c2
Request Chain 522
  • https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff HTTP 302
  • https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff&dnr=1
Request Chain 523
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid= HTTP 302
  • https://sync.teads.tv/um?eid=64&uid=cbc222c9-f75d-088d-0963-2deac75e589b
Request Chain 527
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1875819618262150154
Request Chain 528
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=b4478fbe-414d-0ad2-0886-339031759999
Request Chain 529
  • https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4 HTTP 302
  • https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&apid=UPb2aea9d3-8804-11eb-9032-029e8c18f6c2
Request Chain 530
  • https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff HTTP 302
  • https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff&dnr=1
Request Chain 531
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid= HTTP 302
  • https://sync.teads.tv/um?eid=64&uid=cbc222c9-f75d-088d-0963-2deac75e589b
Request Chain 556
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5054081296408971009
Request Chain 557
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACNgU7ApvgAABDqtGVPVA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=1&userid=48109513688616035 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACNgU7ApvgAABDqtGVPVA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D48109513688616035%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=48109513688616035&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=2&ev=AACNgU7ApvgAABDqtGVPVA&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNgU7ApvgAABDqtGVPVA
Request Chain 558
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027635553695893
Request Chain 560
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=AHEkt253nW7jaCcqrhRlWfiM
Request Chain 561
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 562
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=hOtmb40VcEcI&pid=557219
Request Chain 563
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b61732e-1fd5-4c4c-9904-0a6a033c5593-tuct74d015c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 564
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 565
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:cjRQy0iI1LmVfR5&gdpr=0&gdpr_consent=
Request Chain 566
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=h-2hdjzgRmKjzB9ur-eo7g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 568
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 569
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&addseg=31
Request Chain 570
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODdFREExNzYtM0NFMC00NjYyLUEzQ0MtMUY2RUFGRTdBOEVF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 571
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKrlari2-FEWbBEW_Od5Y4c&google_cver=1
Request Chain 573
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e93f2ab4-8f68-4846-a257-51533e3b21af
Request Chain 574
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5555003135749739312
Request Chain 575
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e0916053-7bd9-4c00-9fd3-a60057a08047&gdpr=0&gdpr_consent=
Request Chain 576
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=91258967075929366&gdpr=0&gdpr_consent=
Request Chain 577
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d888dd76-2b89-4411-a7f1-d6c4295fd83b
Request Chain 579
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-m7H6R9tE2uX9D6JwvkyivZEY1cNY9bs-~A&gdpr=0&gdpr_consent=
Request Chain 580
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu
Request Chain 581
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN72gAAAKFexizr&gdpr=0&gdpr_consent=
Request Chain 582
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4444592662612151145&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 583
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9c8ba1d4-32c9-4fb5-8a5c-6ab703d0f8c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 584
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&gdpr=0&gdpr_consent=
Request Chain 586
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4405628821684773312
Request Chain 587
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864
Request Chain 588
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b2d0d868-8804-11eb-ade0-a91a1c6afdd8&gdpr=0&gdpr_consent=
Request Chain 599
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFN722IBF1OtO6t6XkyggQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
Request Chain 601
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFN722IBF1OtO6t6XkyggQAABFkAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMr1AM-3llxmoJVNNj_ctNU&google_cver=1
Request Chain 603
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A879CDB586B94BEAAC102537876D4153
Request Chain 607
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFN722IBF1OtO6t6XkyggQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
Request Chain 608
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFN722IBF1OtO6t6XkyggQAABFkAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMr1AM-3llxmoJVNNj_ctNU&google_cver=1
Request Chain 613
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-78e72161-0500-453d-9b7c-a74f2082b720
Request Chain 614
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b&gdpr=&gdpr_consent= HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b&gdpr=&gdpr_consent=&av_tc=true HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=8bd8a3e6-f9a9-49fe-b52b-53cf08044133&expires=2&ssp=index&bsw_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=d888dd76-2b89-4411-a7f1-d6c4295fd83b
Request Chain 618
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Request Chain 620
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
Request Chain 621
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047
Request Chain 622
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f33dc6e2-822f-42a5-8705-2e3779ed5dc7
Request Chain 623
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=zyAC3M5yU43UJATZnSIaiZslA47UJFPXnHY14dkA
Request Chain 628
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Request Chain 629
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4444592662612151145
Request Chain 630
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047
Request Chain 632
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Request Chain 638
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YFN722IBF1OtO6t6XkyggQAABFkAAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YFN722IBF1OtO6t6XkyggQAABFkAAAAB
Request Chain 639
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
Request Chain 640
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
Request Chain 641
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
Request Chain 642
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Request Chain 644
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Request Chain 646
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 647
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5555003135749739312&expiration=1617293535
Request Chain 648
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348%2526expiration%253D1618675937 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348%26expiration%3D1618675937 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
Request Chain 649
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A879CDB586B94BEAAC102537876D4153
Request Chain 651
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=da1244c6-5329-4292-a57d-091aba70b624&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
Request Chain 654
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
Request Chain 661
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d726480e-6421-4902-85fe-b088faf90742&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
Request Chain 662
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
Request Chain 663
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Request Chain 670
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
Request Chain 672
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Request Chain 677
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b722e6a4-921b-49ec-a069-74d47becaee7
Request Chain 678
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YFN722IBF1OtO6t6XkyggQAA%261113 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YFN722IBF1OtO6t6XkyggQAA%261113
Request Chain 680
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348%2526expiration%253D1618675937 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348%26expiration%3D1618675937 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
Request Chain 681
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Request Chain 682
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
Request Chain 686
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Request Chain 688
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047&C=1
Request Chain 689
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
Request Chain 690
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFN722IBF1OtO6t6XkyggQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
Request Chain 693
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Request Chain 696
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
Request Chain 697
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Request Chain 704
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b&gdpr=&gdpr_consent= HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b&gdpr=&gdpr_consent=&av_tc=true HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=eb2138ab-860d-4836-948b-f967345ab3e3&expires=2&ssp=index&bsw_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
Request Chain 706
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
Request Chain 707
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
Request Chain 708
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
Request Chain 709
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348%2526expiration%253D1618675937 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348%26expiration%3D1618675937 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
Request Chain 727
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7782430588 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e93f2ab4-8f68-4846-a257-51533e3b21af HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e93f2ab4-8f68-4846-a257-51533e3b21af?zcc=1&dspret=0&cb=1616083937494 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3f5b5415-c20f-47c3-9b52-78c61f77ce3f-003
Request Chain 728
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A879CDB586B94BEAAC102537876D4153
Request Chain 730
  • https://pixel.onaudience.com/?partner=214&mapped=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=e93f2ab4-8f68-4846-a257-51533e3b21af&icm HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=e93f2ab4-8f68-4846-a257-51533e3b21af&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=4f565746512aa63d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7456e28d-35ae-41be-76f5-9af2c1bd0d5a&reqId=314c5515-f60e-4194-5317-e3d8dc6bf6fe&zcluid=4f565746512aa63d&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEA9apX5ZI1QJ1zxfLHCmTh8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7456e28d-35ae-41be-76f5-9af2c1bd0d5a&reqId=314c5515-f60e-4194-5317-e3d8dc6bf6fe&zcluid=4f565746512aa63d&zdid=1332
Request Chain 731
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e0916053-7bd9-4c00-9fd3-a60057a08047
Request Chain 737
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPUrxhZuvINHpzQmfx_f3p4&google_cver=1
Request Chain 740
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e93f2ab4-8f68-4846-a257-51533e3b21af
Request Chain 741
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8940458915196540459
Request Chain 742
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8935966940086045690
Request Chain 743
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c6636053-7be2-4800-8611-c00e24425bf4&gdpr=0&gdpr_consent=
Request Chain 744
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4405628821684773312&gdpr=0&gdpr_consent=
Request Chain 745
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=226d76ac-1ba4-4955-bfd0-dfaba00c83be HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=226d76ac-1ba4-4955-bfd0-dfaba00c83be HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=c0628730-e40e-40ae-87f6-34cd75819ff4&user_group=1&ssp=pubmatic&bsw_param=226d76ac-1ba4-4955-bfd0-dfaba00c83be HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=226d76ac-1ba4-4955-bfd0-dfaba00c83be&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 746
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CkK6cgsQ6ycRF-l5CRGidgRLuCcRRbd0CBfRWED7
Request Chain 747
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNWIwN0FwdmdBQUJDaWNXS05MUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE5b07ApvgAABCicWKNLQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAE5b07ApvgAABCicWKNLQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE5b07ApvgAABCicWKNLQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6338613834835168445 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE5b07ApvgAABCicWKNLQ
Request Chain 748
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027657016408215
Request Chain 749
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acbd3bad-f950-4e25-b03e-96f169103476&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 750
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1e4fe391-0e1f-47c1-8161-d2fb1ca299dc-60537be1-4348&gdpr=0&gdpr_consent=
Request Chain 752
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4405628821684773312
Request Chain 753
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3Q04a26aTQ017pbU7abYWfiM
Request Chain 754
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 755
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_29b7a8a1-ba96-4201-982d-70c048f6567f
Request Chain 756
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=ooC02OLvVRmV&pid=557219
Request Chain 757
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d4386bec-1301-466c-a056-5fda50214b52-tuct74d0161&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 758
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 760
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b52f8894-8804-11eb-95e4-ff530cb7fbdb&gdpr=0&gdpr_consent=
Request Chain 761
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IbQ_uM3cTjSJfF7ELaS_Iw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 763
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 764
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&addseg=31
Request Chain 765
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjFCNDNGQjgtQ0REQy00RTM0LTg5N0MtNUVDNDJEQTRCRjIz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 767
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nC7eEZ5E2uVNYUIn5RwrDTJo8QbjN9g-~A&gdpr=0&gdpr_consent=
Request Chain 768
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YFN74AAAAHSLu1LS HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN74AAAAHSLu1LS&gdpr=0&gdpr_consent=&_test=YFN74AAAAHSLu1LS
Request Chain 769
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3703334772225254813&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 777
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHuWlzgDkqlRegdeXCQOKw8&google_cver=1
Request Chain 780
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5ef29cf6-29f9-4463-8afb-b2731ff2a02b
Request Chain 781
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8940458915196540459
Request Chain 782
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=942249929745085148
Request Chain 783
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c6636053-7be2-4800-8611-c00e24425bf4&gdpr=0&gdpr_consent=
Request Chain 784
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1506566452629545247&gdpr=0&gdpr_consent=
Request Chain 785
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d726480e-6421-4902-85fe-b088faf90742&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=226d76ac-1ba4-4955-bfd0-dfaba00c83be&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 786
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp
Request Chain 787
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEempFN0FwdmdBQUJDSWhkWk1MZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADzjE7ApvgAABCIhdZMLg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7457729355502456030 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADzjE7ApvgAABCIhdZMLg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7457729355502456030%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=7457729355502456030&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADzjE7ApvgAABCIhdZMLg&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADzjE7ApvgAABCIhdZMLg
Request Chain 788
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027661322254487
Request Chain 789
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:12be7ed0-5a25-4588-a1df-33feefebf433&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 790
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=bfd97f88-1cf6-4561-b179-feea3ee084fb-60537be2-4348&gdpr=0&gdpr_consent=
Request Chain 792
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1506566452629545247
Request Chain 793
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3Q04a26aTQ017pbU7abYWfiM
Request Chain 794
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 795
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e2ca4247-01f4-4e84-88a5-548dabc882c4
Request Chain 796
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=rp973uyIHoI8&pid=557219
Request Chain 797
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e098bca1-4094-43ca-b3f3-e4405fbe5f1f-tuct74d0162&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 798
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 800
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YMl0hj9xRMOAO7ymkK3a7w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 802
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=60C97486-3F71-44C3-803B-BCA690ADDAEF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=60C97486-3F71-44C3-803B-BCA690ADDAEF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 803
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=60C97486-3F71-44C3-803B-BCA690ADDAEF&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=60C97486-3F71-44C3-803B-BCA690ADDAEF&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=60C97486-3F71-44C3-803B-BCA690ADDAEF&addseg=31
Request Chain 804
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjBDOTc0ODYtM0Y3MS00NEMzLTgwM0ItQkNBNjkwQUREQUVG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 806
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=60C97486-3F71-44C3-803B-BCA690ADDAEF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=60C97486-3F71-44C3-803B-BCA690ADDAEF&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RCsyGZtE2uX4JY29zGXDFFifjCqoGMs-~A&gdpr=0&gdpr_consent=
Request Chain 807
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YFN74wAAAJPPYFZV HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN74wAAAJPPYFZV&gdpr=0&gdpr_consent=&_test=YFN74wAAAJPPYFZV
Request Chain 808
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3906840080875431325&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 810
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2&gdpr=0&gdpr_consent=
Request Chain 814
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=870646222 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/5ef29cf6-29f9-4463-8afb-b2731ff2a02b HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-92454d04-77d7-4993-b222-9fc20163b137-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-92454d04-77d7-4993-b222-9fc20163b137-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-92454d04-77d7-4993-b222-9fc20163b137-003
Request Chain 815
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E093CFA0BCB4C1E8C0B0FD40740E509
Request Chain 817
  • https://pixel.onaudience.com/?partner=214&mapped=60C97486-3F71-44C3-803B-BCA690ADDAEF HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
Request Chain 818
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c6636053-7be2-4800-8611-c00e24425bf4

813 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request listings
www.kufar.by/
Redirect Chain
  • https://www.dba.dk-online-pay.online/
  • https://www.kufar.by/listings
348 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty / Next.js
Resource Hash
cf654b9c105e3133c4f8083f15371ea7b2db4c2d6391fd38d2c136019275e1c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.kufar.by
:scheme
https
:path
/listings
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Thu, 18 Mar 2021 16:12:01 GMT
content-type
text/html; charset=utf-8
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
set-cookie
lang=ru; Max-Age=31536000; Domain=.kufar.by; Path=/
x-powered-by
Next.js
etag
"57053-yfkaCjAIs3EDoPXCOPyhhfLm7jQ"
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Date
Thu, 18 Mar 2021 16:12:00 GMT
Server
Apache/2.4.41 (Ubuntu)
Location
https://www.kufar.by/listings
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
listings.js
content.kufar.by/static/kufar-fe-listings/_next/static/YzKO67f5HLVKFXhBOlRdv/pages/ 		986 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.kufar.by/static/kufar-fe-listings/_next/static/YzKO67f5HLVKFXhBOlRdv/pages/listings.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
6258c544ad138b7c35a5530591530734f006f826f84b4b6200d5c4c38b6978af

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:05:45 GMT
server
openresty
x-amz-cf-pop
LHR61-C2
etag
"7808a7ee62ce2f7697118dc06aa48881"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bd7e039818f6bd12ba37b73d719c6730.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
202415
x-amz-cf-id
Hpa8JV9g7So7qYfPib6FW7F5DTGOGYTBjGuHY_89yQA6WYzfIW7AHg==
_app.js
content.kufar.by/static/kufar-fe-listings/_next/static/YzKO67f5HLVKFXhBOlRdv/pages/ 		635 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.kufar.by/static/kufar-fe-listings/_next/static/YzKO67f5HLVKFXhBOlRdv/pages/_app.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
a400157ed9d127b55720246ea9fa43f32251f3b9508e6c3efd75c752ffad452a

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:05:45 GMT
server
openresty
x-amz-cf-pop
LHR61-C2
etag
"dd43ebe9a7e550d1e00db2a98549ba3e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7cbc7be2814e4b470b205933b90a9fb1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
163378
x-amz-cf-id
MoP0YKZuRpyal1-qjiepBQVoGZhcmkCrblvNfb4rT86b2l3rUdUgpQ==
webpack-4baa799851d15997a039.js
content.kufar.by/static/kufar-fe-listings/_next/static/runtime/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.kufar.by/static/kufar-fe-listings/_next/static/runtime/webpack-4baa799851d15997a039.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
f3a33a8e6b1326e61e58f424a83d5c9865c945d6049d07e7b3189f46da43929a

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 01 Mar 2021 11:14:44 GMT
server
openresty
age
11
etag
"d135f8ea41974f80dcec60c28688cedd"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cccbced9d09951cf2e947066c4fc2442.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
1562
x-amz-cf-id
kMOiEgbPUnUbnRiOqE5bPXvionQ4GAAip4AKUuLCaDwqDxv9hJm3rw==
commons.62d2287db9f8cd1241ec.js
content.kufar.by/static/kufar-fe-listings/_next/static/chunks/ 		2 MB
449 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.kufar.by/static/kufar-fe-listings/_next/static/chunks/commons.62d2287db9f8cd1241ec.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
daa166f0c01f6b91190b6a18f437f02ae30cd12b479bd9a433272fd9c1020eec

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:05:45 GMT
server
openresty
x-amz-cf-pop
LHR61-C2
etag
"f36b5d07cec7a4673954e8084a94aea4"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9d050fbf11362165fc47c03a14392c36.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
458742
x-amz-cf-id
0mD36Kk47ApH6onXVmrFqWZYOgK-0ezPny9OIk-WdzzcgPvY8rbNjg==
main-352f6c8da0f1f6483d01.js
content.kufar.by/static/kufar-fe-listings/_next/static/runtime/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.kufar.by/static/kufar-fe-listings/_next/static/runtime/main-352f6c8da0f1f6483d01.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
256374e9385951a4f305a78204e1927cb44a0dd27af24bed89902bb21bd975cc

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 01 Mar 2021 11:14:44 GMT
server
openresty
age
12
etag
"d10b60d0f195f592d65d0472f4e32aba"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 323b4a7971a31c96655a9c4fcac2b9ce.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
24313
x-amz-cf-id
8AmE8MQnJxCUEVf7mzYF4SyfFrRT2aIdqv_ymk-GvFzH6NFnoT6R3w==
commons.045b6e59.chunk.css
content.kufar.by/static/kufar-fe-listings/_next/static/css/ 		70 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.kufar.by/static/kufar-fe-listings/_next/static/css/commons.045b6e59.chunk.css
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
830637f62445e221adba1d83ffd6937a2fc851f26cefa79eb9741c3979e75e65

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:05:45 GMT
server
openresty
x-amz-cf-pop
LHR61-C2
etag
"c316a19ead213ad181ff336ae1919b3e"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 3746550ac2cf89851f01a575c7b680a6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
11775
x-amz-cf-id
X11NNWXpjvb5ab5giWOCw8d0C9N1-ceap0R_9nTqq919B4CjXeuAng==
listings.js.10115bc3.chunk.css
content.kufar.by/static/kufar-fe-listings/_next/static/css/static/YzKO67f5HLVKFXhBOlRdv/pages/ 		87 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.kufar.by/static/kufar-fe-listings/_next/static/css/static/YzKO67f5HLVKFXhBOlRdv/pages/listings.js.10115bc3.chunk.css
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
7092dc0c6c73a2c9c44bc569cdff9674aeca7e9b4f248e673ef3098407f5a37a

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:05:45 GMT
server
openresty
x-amz-cf-pop
LHR61-C2
etag
"8f43165999cb4f48ea56b253c690220f"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 e92192d46c302f80eb31c448bf9ad7d6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
13975
x-amz-cf-id
vc331lIpBOlO_DMiZXcMia8bAHA0fdlPf2CQsgni_5l2OmBbK_wSzw==
_app.js.93faea0c.chunk.css
content.kufar.by/static/kufar-fe-listings/_next/static/css/static/YzKO67f5HLVKFXhBOlRdv/pages/ 		139 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.kufar.by/static/kufar-fe-listings/_next/static/css/static/YzKO67f5HLVKFXhBOlRdv/pages/_app.js.93faea0c.chunk.css
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
635388de567b75686880153aa33f6ee37fd8172d7a96c973d92d6fa7dc5245fb

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:05:45 GMT
server
openresty
x-amz-cf-pop
LHR61-C2
etag
"c681fb6522552dcd8bb3057cefc68520"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 24f5499a7e1e28d072ca230380ceb383.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
27744
x-amz-cf-id
HcjqINl0koiddRgpX1Ssi2HaVZQQxHTB8HMq_1nQzQYRfv5_AbJwjg==
header-bidding.js
yastatic.net/pcode/adfox/ 		162 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode/adfox/header-bidding.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
6363291e32e3e3658a48ae9dd34781578cc2ae21286882a960c0705f7cc13442
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
37046
last-modified
Wed, 17 Mar 2021 06:04:30 GMT
server
nginx/1.17.9
etag
"806b56e9e2fef857757cf6ed5c57f6c2"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Mar 2021 17:07:07 GMT
loader.js
yastatic.net/pcode/adfox/ 		181 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode/adfox/loader.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e2150bd820d129a2c937e6d980824cbc88fb5ec9d43e06be325e99787db6a61f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://www.kufar.by
Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
41537
last-modified
Wed, 17 Mar 2021 06:04:30 GMT
server
nginx/1.17.9
etag
"d189538be506032b476812eb08a52367"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Mar 2021 17:08:18 GMT
widget.js
an.yandex.ru/system/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/widget.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
40e862ec0c0fcc867fcf95415c623b53d67a914117201991fdc481c423982691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
1068739741
x-yandex-req-id
1616083921647120-836804668174030175500140-production-app-host-sas-pcode-35
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 18 Mar 2021 17:12:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
286abd8b0e7803703b0d830c93733e7fc80056ac8258baf5f3ba50a29a22263a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"815 / 525 of 1000 / last-modified: 1616065930"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19836
x-xss-protection
0
expires
Thu, 18 Mar 2021 16:12:01 GMT
lazysizes-5.2.0.min.js
content.kufar.by/static/frontend/libs/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.kufar.by/static/frontend/libs/lazysizes-5.2.0.min.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
189
etag
"2e6b0de02bb52f29b54523757d557669"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 efa3f650322a17dcd37faac064c8c2c7.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
3401
x-amz-cf-id
D8GwYbtlw3G9iXtsSovAfKGQvZDghapbm0JSxkEjhhcsPt-q-9PyvQ==
tracker.js
api.mindbox.ru/scripts/v1/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.mindbox.ru/scripts/v1/tracker.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
130.193.49.123 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx /
Resource Hash
a270ff6d857c24ed0f092bb6639e50dcaa26a76b1580f48a2b3e3b3328f090f1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=315360000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-security-policy
default-src 'self' 'unsafe-inline'
content-encoding
gzip
referrer-policy
same-origin
last-modified
Sat, 20 Feb 2021 09:39:49 UTC
server
nginx
x-amz-request-id
fb3d1157d4c3a30c
etag
W/"6f170a17820c85a1281909e35d8dfd25"
x-frame-options
DENY
content-type
application/javascript
feature-policy
vibrate 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=315360000; includeSubDomains; preload
transfer-encoding
chunked
x-xss-protection
1; mode=block
logo-big.svg
content.kufar.by/static/frontend/svg/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/logo-big.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
ef242eb99679d7583920f00cdd7cccd1ae2300f9a8889105cd585332795ad059

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
189
etag
"db8593e8b522796fab103b2287f48f37"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 48e4ae8ebef8c772e9f38b0ce2960755.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
2412
x-amz-cf-id
ClIdLNSxWuw8QqrqmswvlEry1nzzUdxoRzekSfT2AdX4ysyh5cCtiQ==
logo-small.svg
content.kufar.by/static/frontend/svg/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/logo-small.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
aae847df29d74492dbf418cb89bc2d84005c3f6bf2efda272282a1d26c84a623

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
189
etag
"b35f22d8db415919cc79f2e348107f7b"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ef.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
1981
x-amz-cf-id
bbZxs1iKRzM83rCQI93Eom9qvqyHFKdNRPAI52E2NYsT1SzJwkO4WA==
logo-re.svg
content.kufar.by/static/frontend/svg/ 		272 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/logo-re.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
068f16c87c9ce7f94fd2a354126eed7e5028cb84d5cd108337513d2882726036

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
189
etag
"e9d71bf8610d7a0d62d15e6440f1b72e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 d9301398db70d749f8b2ddc8f79c19e3.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
233
x-amz-cf-id
3s23EnplVlS9bk0CPNpCdjUcqo1Ap7X5-RC_RSQ6ebD8PiATWHpvPw==
logo-auto.svg
content.kufar.by/static/frontend/svg/ 		581 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/logo-auto.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
f4707c4a2c4b667770d34a13152183333a79f1dbc6c85441d905fc2bcb41a959

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
189
etag
"23b31c01759a499b313840736906d84d"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 5da47734f496c05ba90c546c024fb779.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
342
x-amz-cf-id
R2OYWvjn0xzLFbbrOypip50M5HNZfi26d0pV4gFHBXSpep42Zp7kJg==
lens-icon.svg
content.kufar.by/static/frontend/svg/ 		291 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/lens-icon.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
8676e2793862152850f3d5f35d172e9f96966cc7583339a861e9a20a149cc400

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:57 GMT
server
openresty
age
189
etag
"11426416bc9312edc6f82828fd35592f"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 340acc109468df693ec024a66dbb0f1e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
231
x-amz-cf-id
9jJJ-CHU7t1p_JN9tteDBZ9mCn7beVuGBOOM6ggO5BhA0FBmV_NccA==
marker-green.svg
content.kufar.by/static/frontend/svg/markers/ 		469 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/markers/marker-green.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
9cd9f5d15bae475759281d064116054b6b506ee372c25890563ff7b34416bab9

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
189
etag
"b0e3a83aeaedbfac8277f346d3da2cfe"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 320b04684a5b16980772c5d36c63ecea.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
319
x-amz-cf-id
3Lm-mXkdI9_oNPwYGmFtXQkkyJEu2sTMguVJCaHP8ImgMhZFSXgGXw==
plus.svg
content.kufar.by/static/frontend/svg/ 		221 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/plus.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
c0c185de046d48f0758edea7df295e355c007355e01efef820c1fbb260aaa088

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
189
etag
"bec7c1b4c3bbc2f2a2f52a75e32fb10d"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 463c61d5be9284ffc1eec85e247d041a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
196
x-amz-cf-id
0ZBV3kVgSZxxLiW2nKZEy1fkC_IPA9A16pZaTTb9VO7AE8JmP6-sog==
delivery-updated.svg
content.kufar.by/static/frontend/svg/paid-services-card/ 		1 KB
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/paid-services-card/delivery-updated.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
e595c68ca5d2e0ecbdf6a9544920b09c2b24f3ac28c850bbe3d062afdce3e74c

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
183
etag
"3ce7d24fa511a4a34270b4f11a396b13"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 323b4a7971a31c96655a9c4fcac2b9ce.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
561
x-amz-cf-id
rPWYI-bsYUeSypRygv_nPValI_3Bmw5ut8T546pBjpZjCf4pZLVCTA==
high-heels.svg
content.kufar.by/static/frontend/svg/seasonal/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/seasonal/high-heels.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
e5c44ac737785fd6396f1f9e4718ed9c1325e5ea7c3b1c03092ddbe0526dc804

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:57 GMT
server
openresty
age
191
etag
"dba3c58b54abd278ae4d48aa9fb83b0e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 6b08baae6d8fdc124eeea9f6d807fa9b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
861
x-amz-cf-id
t9tUR5VyXFi3-0BT1tv9IQtyX6yFFt3ku8b13QhXIG96B--CRYO0pg==
saved-search.svg
content.kufar.by/static/frontend/svg/ 		684 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/saved-search.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
c6500b0dc7bc89510ce9566b5f9abd8a18e7c1370696f40b75ec23519194ddad

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
187
etag
"65343cdc45e4b962ae3e35896199a0f3"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 19a079cfe5fbc38f063a9e46b60b00a7.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
433
x-amz-cf-id
bmFdHH21m9gxVCs774cHT4vAu8g9OjA6HR3ldS_FzvzGMOXz2dAHZg==
xgemius.js
gaby.hit.gemius.pl/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaby.hit.gemius.pl/xgemius.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
e638d0a2e34839411a00a5b34800a1dbf737b68fcea0b85c683e0d46414d3556

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 11:13:20 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
accept-ranges
none
content-type
application/x-javascript
content-length
10549
expires
Fri, 19 Mar 2021 04:12:01 GMT
gtm.js
www.googletagmanager.com/ 		295 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJFK6L
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c7d79b6c59d3303f6a79a71a5ada66455564b0285799e2c5f9139089e871f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62221
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Mar 2021 16:12:01 GMT
js
www.googletagmanager.com/gtag/ 		136 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QTFZM0D0BE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJFK6L
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05b8a0a12ba6727b44f0bb806f0ea3b2656d7eae97d8f348592c2697c7189875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53438
x-xss-protection
0
expires
Thu, 18 Mar 2021 16:12:01 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJFK6L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
566
date
Thu, 18 Mar 2021 16:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 18 Mar 2021 18:02:35 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJFK6L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
c26088b9602714872c8ffc6e9fc78e28752439c53fbab8b9c9dc8ce71b7d9e42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13203
x-xss-protection
0
server
cafe
etag
8044566483108991478
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 16:12:01 GMT
hotjar-2040951.js
static.hotjar.com/c/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2040951.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJFK6L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-100.dus51.r.cloudfront.net
Software
/
Resource Hash
26c0d7dbd28965c64b477e2e3d2aeb484aa682f3d3a396b4582bc949a2485c19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
DUS51-C1
etag
W/cf5f6c1719f8285ad3a37181b0e3a6c0
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
rEwlfYeCW7Rbx5q2DI6AkWjbDOQRtnk3Cmd4jNKEP50n0cRzqM6Ubg==
via
1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
tag.js
mc.yandex.ru/metrika/ 		210 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
2d3a20faae713aa23b9639a83c90d42f042f7df30e68c1646db52a031f3477c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
br
last-modified
Tue, 09 Mar 2021 18:36:29 GMT
etag
"6051cea4-1084f"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67663
expires
Thu, 18 Mar 2021 17:12:01 GMT
code.js
top-fwz1.mail.ru/js/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Access-Control-Allow-Headers
*
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Wed, 09 Dec 2020 16:09:03 GMT
Server
nginx
ETag
W/"5fd0f69f-5361"
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-Control
max-age=3600, private
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
*
Keep-Alive
timeout=60
Expires
Thu, 18 Mar 2021 17:12:01 GMT
openapi.js
vk.com/js/api/ 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?162
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx /
Resource Hash
06649e87db9dcc3aac096d3cd4926a6499971599de35952979aed8d4ebeb4a68

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
br
x-frontend
front220205
last-modified
Fri, 18 Dec 2020 12:43:04 GMT
server
kittenx
etag
"5fdca3d8-57c5"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22469
expires
Mon, 22 Mar 2021 16:12:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
MlsbuRFCrfB+b4xYCRZDDAv8oCiOLRMaO7lMyZml0b1+xcPA4gsdvewltDvRdbLa/3xRBJqWMrpMujpiLAW1Eg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 18 Mar 2021 16:12:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-xss-protection
0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rtrg
vk.com/ 		49 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-230748-8x7Bu
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx / KPHP/7.4.106509
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
x-frontend
front220205
server
kittenx
x-powered-by
KPHP/7.4.106509
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
unliked.svg
content.kufar.by/static/frontend/svg/favourite/ 		907 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/favourite/unliked.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
844cd56c88c3baf5292041b8961efd7ce1aa25f34addf64600862b8ebfceba7f

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
188
etag
"364f8c4d824fa989c6ec106a6f9cb904"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cccbced9d09951cf2e947066c4fc2442.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
410
x-amz-cf-id
iu5fKRwn76elgLxcW6uFnc2Qhi8YSPvSx3i581SVrvgwvis0sy_bDQ==
marker-gray.svg
content.kufar.by/static/frontend/svg/markers/ 		469 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/markers/marker-gray.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
742873fae92e5c093a9d4616746d612511e75c07104578b1731dc89612b8ddca

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
189
etag
"01382dc358ce5afb29b4fbfb91151eac"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 9020b755bdec9fbd562cc16c0a42d6f3.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
319
x-amz-cf-id
MhUcBjnoGPIgCdt6iRJVdMnP-XNYQqEyzUIuDZ69F0dqZzdWobrbJg==
statistic.svg
content.kufar.by/static/frontend/svg/footer/ 		217 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/footer/statistic.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
26906d25a249bb3e03d4e3ce381b03a65d2cf09eca28015106e60a2e1ef002af

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
186
etag
"36dd979c0bd50141fc2d047c52e50922"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 e92192d46c302f80eb31c448bf9ad7d6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
204
x-amz-cf-id
AG_J1WhFyCZJD6fo5zQgYrcsofLiWzuada787S-rtt4rIWsWE81aEw==
globus.svg
content.kufar.by/static/frontend/svg/footer/ 		975 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/footer/globus.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
952a65260d613208ca3026ac07e8a626229bc86f356dbdd9845d0a77c2ffccbb

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
187
etag
"613c0dbffb4cf50565ceb0a3906d4029"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 6b08baae6d8fdc124eeea9f6d807fa9b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
548
x-amz-cf-id
SRpu1L0QlsKyTP8gPew_uzVWASCNrPEwTSzSW4IAtZB9K0PbHDVd6g==
apple.svg
content.kufar.by/static/frontend/svg/footer/ 		713 B
825 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/footer/apple.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
63b529289413af985f7534910390687265804c9382a1766e49036bf81524280a

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
187
etag
"9aa62090bebc7ee0d754cee61b91b522"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 9c46a92c66fe21525310bd5d2f471e46.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
450
x-amz-cf-id
c7ckqIeXMXPpl9eIO6VmfY-kPDDVNs1c47k6zMCOvM-HftTxR4WREA==
google.svg
content.kufar.by/static/frontend/svg/footer/ 		491 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/footer/google.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
06a06bef7bdb91fc33e2f01009b97fb861c9be84e77f3e06cded40b4fe33bb77

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
187
etag
"f7ed82db1440748dee70784caa97af2d"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 af82af67460d4533dad2305c32467799.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
344
x-amz-cf-id
sC7f27e73rIQPCKjrQCVVX63hz7PPC18GAPw9q_dV1exOgwxS3ktVg==
huawei_1v.svg
content.kufar.by/static/frontend/svg/footer/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/footer/huawei_1v.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
66887b16cbbe3f21a8643b424f39f7aab1f6fb63ccfd92bd8ba18f12eb86062f

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
186
etag
"b8cc7d1c425c2606ce2edca85f9ad7fa"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 9c46a92c66fe21525310bd5d2f471e46.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
1608
x-amz-cf-id
mBqmqP1CEq4ajWwDhRnB2gMMPg4DTClFM40CR-RSmaHdDqdJ1i-beQ==
telegram.png
content.kufar.by/static/frontend/img/new-social-icons/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/img/new-social-icons/telegram.png
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
5498c766a80c426e137a9c7bbe7a54ef43b95611ce198eaa7f8e18a82e37fdb9

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 13:26:37 GMT
server
openresty
x-amz-cf-pop
LHR61-C2
etag
"69596cf717150a45d5c2c1b295253d4f"
x-cache
Miss from cloudfront
content-type
image/png
via
1.1 f79355bad214d64e02ae8e84a86f4933.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
4692
x-amz-cf-id
YfEfNzmU5IeLe3l3lenQ43EM1_ZdmsaVAvHnf_i4phfL2GF3dQr9Pw==
vk.png
content.kufar.by/static/frontend/img/new-social-icons/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/img/new-social-icons/vk.png
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
3275c8b3b733babb9b6ec90ef843d1c6fef548cef44fab8dcec765a25775fdee

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 13:26:37 GMT
server
openresty
x-amz-cf-pop
LHR61-C2
etag
"dd3d9590e7245e00dda32303efc0cb5b"
x-cache
Miss from cloudfront
content-type
image/png
via
1.1 74e2a59e06d5b7556eb510403eacd42e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
4171
x-amz-cf-id
rKleaLXbOdDvpd8yF2Mr-vi0-MS14IMh-O020UITFXRrVkBKaR8nbg==
facebook.png
content.kufar.by/static/frontend/img/new-social-icons/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/img/new-social-icons/facebook.png
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
57279cfbc8453d5b38d03b1e52a483867d12d0bde958e20cb77c8852b73b1f26

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 13:26:37 GMT
server
openresty
x-amz-cf-pop
LHR61-C2
etag
"c41b085c2866a9dbae4fef16f8f0e216"
x-cache
Miss from cloudfront
content-type
image/png
via
1.1 f735f4a6973fb5ea131811587853dcf6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
3889
x-amz-cf-id
HICMZgNhNOLEgvhWDUCovo314_vdqoX6T1XyrHzpfLXA3ZCLDA3umw==
instagram.svg
content.kufar.by/static/frontend/svg/footer/socialNetworks/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/footer/socialNetworks/instagram.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
4a7e3290c7710fa14563f8f51fbad3fd3e62edbddf287203659be4a34b40f3f6

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
187
etag
"84f59b687b7e379dfbcae30d7a063eb8"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 3746550ac2cf89851f01a575c7b680a6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
820
x-amz-cf-id
hatnBCGVkpeVC5-GJXJi96VRj_tqi2ptEat0tfHZKC9ZvGxNIT4_1Q==
youtube.svg
content.kufar.by/static/frontend/svg/footer/socialNetworks/ 		706 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/footer/socialNetworks/youtube.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
db6c0c0b995a058161a53df3d021e73699dbd3eb18030658bc6a00b64ea39a7b

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
187
etag
"a5ca25706b79848a7e77c7e1f4b74d0e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 0015e7de11b197850ab8064c13ee17fa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
421
x-amz-cf-id
_nZQOdClO9uBm5ezCf6Y4jFDqPTpde22mA1Nj1ads-RonTmil1NPrA==
odnoklassniki.svg
content.kufar.by/static/frontend/svg/footer/socialNetworks/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/footer/socialNetworks/odnoklassniki.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
d0cda426bacc75d3d1eac5459306b2fbb875c77175ec97454bf3adf0c2c53127

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
187
etag
"22c0f70b29c519227861303dcc526447"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 0c6608381c6e16c344d8596c47c9b95d.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
677
x-amz-cf-id
jpgwPDW1SSeDlsWCA4huv0cOSan-JeR831gDscU6rifVKN1wtzQ3hg==
viber.png
content.kufar.by/static/frontend/img/new-social-icons/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/img/new-social-icons/viber.png
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
a5a2c16989467d65f6134df83d23aba81977868f6a00a162446891846537b7d1

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 13:26:37 GMT
server
openresty
x-amz-cf-pop
LHR61-C2
etag
"8c0d9a927cefd0f2b03da4eed1e61978"
x-cache
Miss from cloudfront
content-type
image/png
via
1.1 19a079cfe5fbc38f063a9e46b60b00a7.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
3881
x-amz-cf-id
QH1-g5ziS4TbuuuHcHPElNCFcD7gxBu0I0rkMh-w-1mevqvhnMeukw==
pubads_impl_2021031601.js
securepubads.g.doubleclick.net/gpt/ 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 08:39:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102421
x-xss-protection
0
expires
Thu, 18 Mar 2021 16:12:01 GMT
js
www.google-analytics.com/gtm/ 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PN9T29J&t=gtm2&cid=1129222434.1616083922
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
986f9f090a3eea798bf6475ee795a2bb7009947cadfbb9dcab01793f9c422c3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35664
x-xss-protection
0
expires
Thu, 18 Mar 2021 16:12:01 GMT
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d79381fe7503aba9a0b738405c323ff852861da3eea8e3a40339d2a21c728a0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		430 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e478b83de26bbd91a7ef2cb06de1e03c7342656305018afa089cf8d7447ec4f6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		311 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a62c5460402482508f508f694040adede09fecbf51201f46ac90a0948088466

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		275 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd449f5279a277403691ee8cdad15d7ef7ccaafdc7b1b71e6eb503738f6aae09

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
safe-deal-updated.svg
content.kufar.by/static/frontend/svg/paid-services-card/ 		591 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/paid-services-card/safe-deal-updated.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
e3d16b45c5d0dfd8f405e3f1e1578fd3d0ad6bddf0f99a398b22812746253309

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:57 GMT
server
openresty
age
178
etag
"89db067b8639a6d0aca993841b439400"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 340acc109468df693ec024a66dbb0f1e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
314
x-amz-cf-id
T0uaMmOz0ATSPKMiHNj1U70MOYVDoRUWaTK5zvSsTW_2D-sPbrsXwA==
installment.svg
content.kufar.by/static/frontend/svg/paid-services-card/ 		534 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/paid-services-card/installment.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
d7ae53e6a30f19e2987c1987ccddb0fd8e0a0dea60c11e37b70d1f48066d6420

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
183
etag
"9268268ab52a47d5f5222949ea68a6ce"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 28b47ee0033927d1a2b6279100207ae8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
287
x-amz-cf-id
IdzhYWmdx1yQpdKy0yqtj5Ui_lrwyMMwsgtwlP9TmYm16QiGzVOG1A==
fpdata.js
gaby.hit.gemius.pl/ 		277 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaby.hit.gemius.pl/fpdata.js?href=www.kufar.by
Requested by
Host: gaby.hit.gemius.pl
URL: https://gaby.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
7b80550051327d789a1553bc06848fa0ec33a7b1029a31bba289459f1c0e0417

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
277
expires
Sat, 17 Apr 2021 16:12:02 GMT
collect
analytics.google.com/g/ 		0
71 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-QTFZM0D0BE&gtm=2oe3a0&_p=305207293&sr=1600x1200&_gaz=1&ul=en-us&cid=1129222434.1616083922&_s=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&dt=%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8&sid=1616083921&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QTFZM0D0BE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kufar.by
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
71 B 		Other
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QTFZM0D0BE&cid=1129222434.1616083922&gtm=2oe3a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QTFZM0D0BE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kufar.by
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QTFZM0D0BE&cid=1129222434.1616083922&gtm=2oe3a0&aip=1&z=1925458316
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getcookie
matchid.adfox.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Protocol
H2
Server
2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.kufar.by
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
access-control-allow-headers
accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-credentials
true
date
Thu, 18 Mar 2021 16:12:02 GMT
timing-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.kufar.by
x-content-type-options
nosniff
getcookie
matchid.adfox.yandex.ru/ 		240 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
4319cb2de554d04a2d85f964f1e27a46718e2028c4ed87a2ef2922d20c92cc34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.kufar.by
date
Thu, 18 Mar 2021 16:12:02 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
240
x-content-type-options
nosniff
content-type
application/json
banners.js
yastatic.net/pcode-bundles/0.1.3050/ 		116 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode-bundles/0.1.3050/banners.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ca29310fd29ac240ad1ad67e271672ceecc9928f62b3804c8150307047ab59f3
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://www.kufar.by
Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
27616
last-modified
Tue, 16 Mar 2021 18:58:28 GMT
server
nginx/1.17.9
etag
"5924bd6fc6ff6b3979bb58559e86fcfb"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Mar 2051 22:44:23 GMT
context.js
an.yandex.ru/system/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
bd35b73fc297a5fd9f8305f0ca56e865eef0ad4f1dcbbe1e0e098afde2316e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
958506350
x-yandex-req-id
1616083922405611-451505220164220575300105-production-app-host-vla-pcode-59
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 18 Mar 2021 17:12:02 GMT
widget.js
yastatic.net/pcode-native-bundles/1129/ 		243 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode-native-bundles/1129/widget.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
88a0a2c4d70bfa38e87356055de1644c3f1833770b6e58f2f6635095bea767d9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
57486
last-modified
Tue, 09 Mar 2021 18:17:04 GMT
server
nginx/1.17.9
etag
"c4cb9d8756b44fd7cdeb19a2e64658d2"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Mar 2051 22:44:12 GMT
jstracer
an.yandex.ru/ 		2 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/jstracer?pcode_native=1129&values=performance&adb=false&verison=1129&bundle_version=1129&widget_pf=no
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
modules.80e35cdf321570eb5b34.js
script.hotjar.com/ 		217 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.80e35cdf321570eb5b34.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2040951.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-24.dus51.r.cloudfront.net
Software
/
Resource Hash
9cd92ccf84ca6c2adcb7691de026ae46f47632e344b71ee6e08c43f38f0a59f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 10:24:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
20875
x-cache
Hit from cloudfront
content-length
58627
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 10:23:26 GMT
etag
"4a7c1a7cb16c5ef7e63405bd6f9a943a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
tViWZn9L3jspYUOPNjlXHmhtbrXLh_mahhB7uQn6H4HZN-AxrNl5PQ==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/861964165/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/861964165/?random=1616083922405&cv=9&fst=1616083922405&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kufar.by%2Flistings&tiba=%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50b8486c09a046ada82f0adf6a6ae40acaeab17d9b091ab39f1b8003c9983c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1077
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
558642698030285
connect.facebook.net/signals/config/ 		241 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/558642698030285?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30a99ac8707095147bd725648e1c7ac40c834be647b5c6f9bb00fd9ec09baba8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70585
x-fb-rlafr
0
pragma
public
x-fb-debug
Cn0UPF8RTLo5Rxc3GdDN9pm51hXvn9YC0NJLu2Fa+8j6WqgyAd2mTcCxFa+Kj+jd8djlxZf/FGiF64VlLsS5QA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 18 Mar 2021 16:12:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
publishertag.js
static.criteo.net/js/ld/ 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:29 GMT
server
nginx
etag
W/"605322dd-1c9d1"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:02 GMT
adjson
ads.betweendigital.com/ 		11 B
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kufar.by
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kufar.by
date
Thu, 18 Mar 2021 16:12:02 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
sspmatch-js
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/sspmatch-js?p=43236&randsalt=4738170687
  • https://ads.betweendigital.com/sspmatch-js?p=43236&randsalt=4738170687&crf=1
882 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-js?p=43236&randsalt=4738170687&crf=1
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2b3c75a6f578d950d84b7a6b5f41264918fc4a8d72dfc0a2ccb36b20d173bf01

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
882
content-type
text/javascript

Redirect headers

location
/sspmatch-js?p=43236&randsalt=4738170687&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
1
mc.yandex.ru/watch/19426846/
Redirect Chain
  • https://mc.yandex.ru/watch/19426846?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1932%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.ru/watch/19426846/1?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1932%3Afu%3A0%3Aen%3Autf-8%...
184 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/19426846/1?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1932%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A1518729547175%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171202%3Aet%3A1616083923%3Ac%3A1%3Arn%3A237891163%3Au%3A1616083923488741529%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616083920390%3Awv%3A2%3Ads%3A12%2C225%2C589%2C275%2C269%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A11%2C226%2C589%2C274%2C268%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616083923%3At%3A%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e384214965550bd4ea18a4f8c839df84289cecd0e4c8dab2eb42c8fadd8b1641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 18-Mar-2021 16:12:03 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
184
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:03 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:02 GMT
last-modified
Thu, 18-Mar-2021 16:12:02 GMT
location
/watch/19426846/1?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1932%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A1518729547175%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171202%3Aet%3A1616083923%3Ac%3A1%3Arn%3A237891163%3Au%3A1616083923488741529%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616083920390%3Awv%3A2%3Ads%3A12%2C225%2C589%2C275%2C269%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A11%2C226%2C589%2C274%2C268%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616083923%3At%3A%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:02 GMT
track-visit
api.mindbox.ru/v1.1/customer/ 		134 B
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mindbox.ru/v1.1/customer/track-visit?version=1.0.92&transport=XmlHttpRequest
Requested by
Host: api.mindbox.ru
URL: https://api.mindbox.ru/scripts/v1/tracker.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
130.193.49.123 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Kestrel /
Resource Hash
c8e2f196f7e1dffb6f0fa6f64632ecc30796db7c331a7e26a60914b02a4b3699
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=315360000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' 'unsafe-inline'
x-content-type-options
nosniff
content-length
134
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
server
Kestrel
x-frame-options
DENY
date
Thu, 18 Mar 2021 16:12:02 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kufar.by
cache-control
no-cache, no-store, must-revalidate
feature-policy
vibrate 'self'
access-control-allow-credentials
true
expires
-1
advert.gif
mc.yandex.ru/metrika/ 		43 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:02 GMT
last-modified
Thu, 11 Mar 2021 18:32:00 GMT
etag
"6051cea4-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 18 Mar 2021 17:12:02 GMT
counter
top-fwz1.mail.ru/ 		43 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3142063;u=https%3A//www.kufar.by/listings;st=1616083922947;pid=USER_ID;title=%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=3962e95c2a6017f7;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=9.3//4g/0/0/;lvid=1616083922958%3A1616083922959%3A1%3A6b6a30c1ad7637cc0741a4da0632704e;opts=dl;_=0.2260022066783347
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 18 Mar 2021 16:12:03 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Access-Control-Allow-Headers
*
AMP-Access-Control-Allow-Source-Origin
https://www.kufar.by
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.kufar.by
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-Control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
https://www.kufar.by
Keep-Alive
timeout=60
count
cre-api.kufar.by/items-search/v1/engine/v1/search/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cre-api.kufar.by/items-search/v1/engine/v1/search/count?cur=BYR&size=42&sort=lst.d
Protocol
H2
Server
99.81.248.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-248-185.eu-west-1.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.kufar.by
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
openresty/1.15.8.2
date
Thu, 18 Mar 2021 16:12:03 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Segmentation,x-mc-version,x-mc-web-hostname,X-App-Name
access-control-max-age
1728000
content-length
0
count
cre-api.kufar.by/items-search/v1/engine/v1/search/ 		18 B
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cre-api.kufar.by/items-search/v1/engine/v1/search/count?cur=BYR&size=42&sort=lst.d
Requested by
Host: content.kufar.by
URL: https://content.kufar.by/static/kufar-fe-listings/_next/static/YzKO67f5HLVKFXhBOlRdv/pages/listings.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
99.81.248.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-248-185.eu-west-1.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
fe47e430df3f61b9ba874ef5b768b1af652679aee52005214cec013cafb63938
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Thu, 18 Mar 2021 16:12:03 GMT
server
openresty/1.15.8.2
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Segmentation,x-mc-version,x-mc-web-hostname,X-App-Name
content-length
18
identify
cis.mpianalytics.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cis.mpianalytics.com/api/v1/identify
Protocol
HTTP/1.1
Server
34.241.141.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-141-160.eu-west-1.compute.amazonaws.com
Software
Finatra /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.kufar.by
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type,content-length
Access-Control-Allow-Methods
POST, OPTIONS
Access-Control-Allow-Origin
https://www.kufar.by
Access-Control-Max-Age
86400
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
content-encoding
gzip
Content-Type
application/json; charset=utf-8
Date
Thu, 18 Mar 2021 16:12:03 GMT
Server
Finatra
Content-Length
28
Connection
keep-alive
identify
cis.mpianalytics.com/api/v1/ 		858 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cis.mpianalytics.com/api/v1/identify
Requested by
Host: content.kufar.by
URL: https://content.kufar.by/static/kufar-fe-listings/_next/static/YzKO67f5HLVKFXhBOlRdv/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.141.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-141-160.eu-west-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
8b48baa6e169f82ef497759be254ae960582a60f8eef95050f95f57eb3836aa7

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 18 Mar 2021 16:12:04 GMT
content-encoding
gzip
Server
Finatra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.kufar.by
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials
true
Connection
keep-alive
access-control-allow-headers
X-Requested-With,content-type,content-length
Content-Length
641
sd-kufs-promo.svg
content.kufar.by/static/frontend/svg/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/sd-kufs-promo.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
42f9f35b7d4ee965e1d856856a4a6b6fc2b97da64122d34a84f7020a5097858b

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:03 GMT
content-encoding
gzip
last-modified
Fri, 29 Jan 2021 15:05:12 GMT
server
openresty
x-amz-cf-pop
LHR61-C2
etag
"3c8c9ae078c2a36c533c719a904efa37"
x-cache
Miss from cloudfront
content-type
image/svg+xml
via
1.1 4c36faabfc67dbcb121ad26f9612cc3b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
2649
x-amz-cf-id
CBDV0k339eMzTgKacSlkVtIo4kprX0G9hsgze2af3TypcnnHa-AkPA==
watch.js
mc.yandex.ru/metrika/ 		123 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a928bd7174193ecef74cc60693796118826e53e5be214daf6d25f17f68b93446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://www.kufar.by
Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:03 GMT
content-encoding
br
last-modified
Tue, 09 Mar 2021 18:36:29 GMT
etag
"6051cea4-aadb"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
43739
expires
Thu, 18 Mar 2021 17:12:03 GMT
357986
an.yandex.ru/meta/ 		21 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/357986?imp-id=1&target-ref=https%3A%2F%2Fwww.kufar.by%2Flistings&page-ref=&ad-session-id=7252771616083922389&ss-skip-token-length=30&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A1010%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&test-tag=57724387983373&tga-with-creatives=1&return-widget-settings=1&yaw_ver=1129&use-server-side-rendering=1&pcode-icookie=9627642771616083921&duid=MTYxNjA4MzkyMzQ4ODc0MTUyOQ%3D%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCw
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1b9463228ccae5d87607bd549b588bab1bf69bb1f77ff046b9724b17ae41f4d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:03 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:03 GMT
ssr
false
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:03 GMT
rtrg
vk.com/ 		49 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-433312-dEjWX&metatag_url=https%3A%2F%2Fwww.kufar.by%2Flistings&metatag_title=%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx / KPHP/7.4.106509
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:03 GMT
content-encoding
gzip
x-frontend
front220205
server
kittenx
x-powered-by
KPHP/7.4.106509
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
rtrg
vk.com/ 		49 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-410372-ghduW&metatag_url=https%3A%2F%2Fwww.kufar.by%2Flistings&metatag_title=%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
kittenx / KPHP/7.4.106509
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:03 GMT
content-encoding
gzip
x-frontend
front220205
server
kittenx
x-powered-by
KPHP/7.4.106509
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
integrator.js
adservice.google.ch/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.kufar.by
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 16:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kufar.by
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 16:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2210300137119003&correlator=2036897954452566&output=ldjh&impl=fif&eid=31060487%2C31060296%2C31060367%2C44739387%2C21066612&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210318&iu_parts=133764788%2C300x600_listing_ADX_direct&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C160x600%7C336x280%7C300x600%7C240x400&prev_scp=AccountType%3DF&cookie_enabled=1&bc=31&abxe=1&lmt=1616083923&dt=1616083923759&dlt=1616083921490&idt=2214&frm=20&biw=1600&bih=1200&oid=3&adxs=141&adys=1570&adks=1605521309&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kufar.by%2Flistings&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1129222434.1616083922&ga_sid=1616083924&ga_hid=305207293&ga_fc=false&fws=512&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
327278fbd92cffbea1ec7d4afa22797e9c2ad3d8e8d731c2b7fd5000a556dd98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
google-lineitem-id
5471237975
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138322419047
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kufar.by
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2656fe73d84fbbcc24348772dbb955be.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://2656fe73d84fbbcc24348772dbb955be.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2210300137119003&correlator=2036897954452566&output=ldjh&impl=fif&eid=31060487%2C31060296%2C31060367%2C44739387%2C21066612&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210318&iu_parts=133764788%2Cdesktop_100x250_above_the_fold&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C980x90&fluid=height&prev_scp=AccountType%3DF&cookie_enabled=1&bc=31&abxe=1&lmt=1616083923&dt=1616083923768&dlt=1616083921490&idt=2214&frm=20&biw=1600&bih=1200&oid=3&adxs=477&adys=6418&adks=1378783751&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kufar.by%2Flistings&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1010x6204&msz=1010x266&ga_vid=1129222434.1616083922&ga_sid=1616083924&ga_hid=305207293&ga_fc=false&fws=0&ohw=0&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a94c2bd94b47efcacd443c9441e5964757e9bd92890fd171c36b6ca506258b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11458
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kufar.by
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=305207293&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&ul=en-us&de=UTF-8&dt=%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1820503268&gjid=1733254689&cid=1129222434.1616083922&tid=UA-64831541-3&_gid=791487872.1616083922&_r=1&gtm=2wg3a0KJFK6L&z=503965972
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kufar.by
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=305207293&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&dp=https%3A%2F%2Fwww.kufar.by%2Flistings&ul=en-us&de=UTF-8&dt=%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1766766270&gjid=783686826&cid=1129222434.1616083922&tid=UA-64831541-3&_gid=791487872.1616083922&_r=1&_slc=1&z=30071092
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kufar.by
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=305207293&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&ul=en-us&de=UTF-8&dt=%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=button&ea=click&el=megamenu_show&_u=aGDAAEADQAAAAC~&jid=&gjid=&cid=1129222434.1616083922&tid=UA-64831541-3&_gid=791487872.1616083922&gtm=2wg3a0KJFK6L&z=585861378
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 12:18:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14020
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame B1A6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2040951.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-100.dus51.r.cloudfront.net
Software
/
Resource Hash
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
XiHWuSlxyXTFiPpyT4x9FyjfBjy18xh5RpzQadSo4578C2Co-n5APg==
age
9933060
7866798992.jpg
yams.kufar.by/api/v1/kufar-ads/images/78/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/78/7866798992.jpg?rule=line_thumbs_2x
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
001214eedf2128ba35028f38424075150938ee7d6cbccd39813076b3b0a587ac

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 07:10:07 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
5192342c2abef1b1dce1a2293f311406
age
205317
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
9719edc7-3213-42c3-a25b-f690a0db9e40
x-from-cache
true
content-length
7450
x-request-id
9719edc7-3213-42c3-a25b-f690a0db9e40
last-modified
Sat, 20 Feb 2021 12:29:07 GMT
etag
"05288dd7c6462e98c823b37e7425c6f2420691001e69e36e3717dac97c3f95bb"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
jg2XhECetm8FPAMrnLAMwC8CNCjMkTYdORlnckfScN-gfIr0jDqEvA==
9547638412.jpg
yams.kufar.by/api/v1/kufar-ads/images/95/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/95/9547638412.jpg?rule=line_thumbs_2x
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
354aa7ffd803fabaa0b653b353004eddd21a27bc1f39407488ecaad613dc73de

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 05:23:12 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
132c73b05de2b33e8f154910c6f825bb
age
125332
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
b114dfd1-77f6-456a-a11c-5408802f6882
x-from-cache
true
content-length
8239
x-request-id
b114dfd1-77f6-456a-a11c-5408802f6882
last-modified
Tue, 09 Mar 2021 14:28:03 GMT
etag
"578de09d5e1afb6848db7402d7865ed8a58ad0b2a9c3ac1709fa668a4ca2798e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
YOfDlUhnzohVcnTRlLpHxp4-5KjXqevZQ0osTX7QJfiDX3YkWSNGqQ==
0335067338.jpg
yams.kufar.by/api/v1/kufar-ads/images/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/03/0335067338.jpg?rule=line_thumbs_2x
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
26829fd4a28be2ccc1dd0d102e1421c30faafe60b1e2aa72504bc61e58062a57

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 14:45:11 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
717e2318a37db69b29257cb6e692481a
age
91613
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
f348feef-a36f-4e52-b2eb-3de0f08f39b6
x-from-cache
false
content-length
12093
x-request-id
f348feef-a36f-4e52-b2eb-3de0f08f39b6
last-modified
Wed, 17 Mar 2021 14:45:11 GMT
etag
"28b609bed38ce5334f4129f36607efa1649b950399ad11c9e150dbf6557498c9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
aDi3aDS3NedIbdsvIV98pHEXwV9RVPEX5SH-eqaBLnZ2Uy9BWQLwfg==
frauders-message.png
content.kufar.by/static/frontend/img/ 		18 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/img/frauders-message.png
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
30174d003861beeddcb22524beef11038e690ab75945dbdb8a1cd94b4ad116e9

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:03 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
176
etag
"dccf21ab8ca91f09e668760343d19667"
x-cache
Hit from cloudfront
content-type
image/png
via
1.1 b36be15970c5843fdffdeac4b63f2ad9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
17068
x-amz-cf-id
SjnpDBhu6LKsroYOR4xy1S2nASeVcC_lf9yfXlxoTiYIuY4P42HZ0A==
thinking-face-emoji.png
content.kufar.by/static/frontend/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/img/thinking-face-emoji.png
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
bae2c6ef4e9c527076bd16e6882f80919e045f680f2416d4b1f42cf1f832884e

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:03 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
176
etag
"c3e69c70055d57ee1be3f99d54a5a146"
x-cache
Hit from cloudfront
content-type
image/png
via
1.1 340acc109468df693ec024a66dbb0f1e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
2256
x-amz-cf-id
R3eof9fKH5XzxGBIpxwbI-mPFUvoDppugKyMaPFeoRXlY-gbuhvg1Q==
cross-icon.svg
content.kufar.by/static/frontend/svg/ 		344 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.kufar.by/static/frontend/svg/cross-icon.svg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.17.16.243 Minsk, Belarus, ASN25106 (MTSBY-AS, BY),
Reverse DNS
243-16-17-134-cloud.mts.by
Software
openresty /
Resource Hash
b86628eef46d6268040fe71162626333e5b4472269be911ff833c2a2e421128e

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:03 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 13:27:58 GMT
server
openresty
age
188
etag
"4a0cbdc7d39674e5f8e5df9e80e42517"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 da1b51482b08b4548d36c4cddfb34c00.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
access-control-allow-origin
*
content-length
248
x-amz-cf-id
X8uBaA9O6CsXbb6Sg06eu5jHPmOpuIBc9GqamurTfc0qBDtKe39xQA==
rexdot.js
gaby.hit.gemius.pl/__/_1616083924006/
Redirect Chain
  • https://gaby.hit.gemius.pl/_1616083924006/rexdot.js?l=100&id=AptFzSd84dPcQry7ocSwJJPa71x68QN6E7OWEwcM7oT.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.kufar...
  • https://gaby.hit.gemius.pl/__/_1616083924006/rexdot.js?l=100&id=AptFzSd84dPcQry7ocSwJJPa71x68QN6E7OWEwcM7oT.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.ku...
169 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaby.hit.gemius.pl/__/_1616083924006/rexdot.js?l=100&id=AptFzSd84dPcQry7ocSwJJPa71x68QN6E7OWEwcM7oT.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.kufar.by%2Flistings&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Yu5gAEhzkXmuzR1rfeg.2jFSC9D1G0rDSqMYkgFDHLD.Q7&vis=1
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
5125ee8d908ca8a8e8f1f95735d853c105087d7c7c3bde0a05e685af15ee90fd

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:04 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Wed, 17 Mar 2021 16:12:04 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:04 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1616083924006/rexdot.js?l=100&id=AptFzSd84dPcQry7ocSwJJPa71x68QN6E7OWEwcM7oT.b7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.kufar.by%2Flistings&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=Yu5gAEhzkXmuzR1rfeg.2jFSC9D1G0rDSqMYkgFDHLD.Q7&vis=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Wed, 17 Mar 2021 16:12:04 GMT
/
www.google.com/pagead/1p-user-list/861964165/ 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/861964165/?random=1616083922405&cv=9&fst=1616083200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&frm=0&url=https%3A%2F%2Fwww.kufar.by%2Flistings&tiba=%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20&async=1&fmt=3&is_vtc=1&random=1526287030&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/861964165/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/861964165/?random=1616083922405&cv=9&fst=1616083200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&frm=0&url=https%3A%2F%2Fwww.kufar.by%2Flistings&tiba=%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20&async=1&fmt=3&is_vtc=1&random=1526287030&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=558642698030285&ev=PageView&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&rl=&if=false&ts=1616083924390&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616083924389.32725485&it=1616083922421&coo=false&rqm=GET
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 18 Mar 2021 16:12:04 GMT
0474472695.jpg
yams.kufar.by/api/v1/kufar-ads/images/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/04/0474472695.jpg?rule=line_thumbs
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
d14b61aaa85c0a51608c3553c8e6e9dcf0d9689d993547be4f61d8af31dbf62b

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:11:51 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
1a2bf818f68c9338379385ba37632fce
age
13
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
2d91f5e4-8a2a-4144-9aec-a4a4c69496c5
x-from-cache
true
content-length
6939
x-request-id
2d91f5e4-8a2a-4144-9aec-a4a4c69496c5
last-modified
Thu, 18 Mar 2021 16:11:49 GMT
etag
"ef47feae448a892c83d5fd2d929aef68f6d662efe07e07f760ecd21afb44bb36"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
BU5EoG8paNkY5IlaUrUsSAD7rHy05eFR3P3rHygAAevYEDyxElrCNQ==
0489447793.jpg
yams.kufar.by/api/v1/kufar-ads/images/04/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/04/0489447793.jpg?rule=line_thumbs
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
df03e76d3adc59a37462270eb0b680d527fd2d1c45ebd388e12c73cdc87d7cca

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:11:36 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
ab006e08dc34191ec98ac0b4eb004b70
age
28
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
02be33c8-8ddd-40e7-b6b6-f5c42ef483a1
x-from-cache
false
content-length
6254
x-request-id
02be33c8-8ddd-40e7-b6b6-f5c42ef483a1
last-modified
Thu, 18 Mar 2021 16:11:36 GMT
etag
"c15eaa4082b26022fa38fd1109b9067f03b63d481c2bf913e6042b738f1dfec3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
bLd6kKBrQUpDVUCz-r_UIvjCYsAERtxLbs_5PBujBWQCKZWE_Mv6KA==
0451674415.jpg
yams.kufar.by/api/v1/kufar-ads/images/04/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/04/0451674415.jpg?rule=line_thumbs
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
12323b469744d3122a6ab38331ec29e33b2ae39992c6949ed20684be130e22df

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:11:51 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
51edef4db0ada23e573e73dc4b161741
age
13
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
09064c65-4f72-422c-80ad-75f7a9805eb9
x-from-cache
false
content-length
5495
x-request-id
09064c65-4f72-422c-80ad-75f7a9805eb9
last-modified
Thu, 18 Mar 2021 16:11:51 GMT
etag
"41012ea804a77276bb4d3311ab5b7f1feadb6d2ebff4e064df4d7b65741ea8b1"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
k1UO7DMfnMPLKd5Ajbe6COeNBU6WEu0Tg9a8JN-amhMzS-IFF1-Nag==
0497375119.jpg
yams.kufar.by/api/v1/kufar-ads/images/04/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/04/0497375119.jpg?rule=line_thumbs
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
c85855bca4bc19a1a6898624424443ce3a5e6b19f47212dbf5262c43b7a82a68

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:11:53 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
6d1d98856282c73a6696150576261270
age
11
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
edc849ec-e2c2-4f6f-bef4-5f86c1779079
x-from-cache
false
content-length
4907
x-request-id
edc849ec-e2c2-4f6f-bef4-5f86c1779079
last-modified
Thu, 18 Mar 2021 16:11:53 GMT
etag
"ed68ec6445139cb3f687b687b56c996bbd26e332f21fc7aa5a006d2b36885a8e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
gLhlxM3xoFOR574zGLixNXiILCyCNAqfw4R4ri9rMjcsOLBfcmkTzw==
0447710752.jpg
yams.kufar.by/api/v1/kufar-ads/images/04/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/04/0447710752.jpg?rule=line_thumbs
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
bad9adb7bd15a22b1d3e73ce5dd610cd4a3e0dd5d8d6d7e3fb8ed634d65e047a

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:11:52 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
d247de7d90a0febc34884f5cfdeb7a95
age
12
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
62583e97-34fb-4647-8089-d7a2c085fa73
x-from-cache
true
content-length
4317
x-request-id
62583e97-34fb-4647-8089-d7a2c085fa73
last-modified
Thu, 18 Mar 2021 16:11:49 GMT
etag
"87db1da0ac27adcb9bc3711269cb3733880d78ed01889d7e413379c265bae80a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
NDCYC8iqipeJNTZI9R6wtcWytOVQ6msIqLvbEsZ0TzsDkn6WrGLt6A==
x80
avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/x80
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
b61fad1fda244a24e2b9e5d287b20519f8105db8dd370dd45b2c1e61372ca8fc

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:04 GMT
last-modified
Wed, 16 Sep 2020 06:07:29 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1448
x-request-id
d37b7105fb107c7
jstracer
an.yandex.ru/ 		2 B
31 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/jstracer?pcode_native=1129&values=block_render&adb=false&verison=1129&bundle_version=1129&widget_pf=no
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
jstracer
an.yandex.ru/ 		2 B
31 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/jstracer?pcode_native=1129&values=performance&adb=false&verison=1129&bundle_version=1129&widget_pf=no
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
cdb
bidder.criteo.com/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=106&profileId=184&cb=48181277959
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.kufar.by
date
Thu, 18 Mar 2021 16:12:03 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-64831541-3&cid=1129222434.1616083922&jid=1766766270&gjid=783686826&_gid=791487872.1616083922&_u=aGDAAEADQAAAAC~&z=182486426
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 18 Mar 2021 16:12:04 GMT
content-type
text/plain
access-control-allow-origin
https://www.kufar.by
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 7B00 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
106362
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 10:39:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 10:39:22 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 7B00 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
106362
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 10:39:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 10:39:22 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 7B00 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
106362
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 10:39:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 10:39:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 7B00 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
106363
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 10:39:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 10:39:21 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 7B00 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
106362
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 10:39:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 10:39:22 GMT
css
fonts.googleapis.com/ Frame 7B00 		4 KB
720 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 15:13:02 GMT
server
ESF
date
Thu, 18 Mar 2021 16:12:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Mar 2021 16:12:04 GMT
css
fonts.googleapis.com/ Frame 7B00 		4 KB
698 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 15:14:37 GMT
server
ESF
date
Thu, 18 Mar 2021 16:12:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Mar 2021 16:12:04 GMT
truncated
/ Frame 7B00 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01bfae1ae5bca5f321f40d097446d826cdf0f47bfd91e2649444746e4eb38cec

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/11404690914431968940/ Frame 7B00 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11404690914431968940/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qml_QMFwFVA5g6eJHTQR12k1attcg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f374efb40f6472c5fcb54c98d5e0abcc0800f27ed6aaf3716fa719e27de56f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 20:42:03 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 19:14:06 GMT
server
sffe
age
156601
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75528
x-xss-protection
0
expires
Wed, 16 Mar 2022 20:42:03 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16115170791357833/ Frame 7B00 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16115170791357833/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qkjTBQ6_nCBUKrw9DxeYe6a3xb80Q
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
855a1d75870327eb4df4cdd51fff7a55a9be8ee0b2e7de65121eded88be1e582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 09:59:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 19:14:04 GMT
server
sffe
age
454355
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5786
x-xss-protection
0
expires
Sun, 13 Mar 2022 09:59:29 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7B00 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcSO603tTYIjoMYm2x_AP35-2wA-0nMunYd7rmc6mDZHO7bn3ChABIKTo1Shg9ZXOgeAEoAH255HWA8gBBqkCVSY_dfEdsj7gAgCoAwHIAwqqBM0BT9DxIaNTSEkKHV8mEMQsuqyY7ajIiDIJl4AJdI0eDQePzGAZk8qEy0-uAHtHlBSxAnXV8vEBz-M2bb_Hj7o73LhYk3FF8flYd9oi-mzJ89jMCIlXySt-gHKEqEdLMufKVEip1x7I97LDinvD0HFQ5HJwnH2t-hyYpon2f5SQymU0Rq-K7fYKxbq_zgKMpa7Eufx_nR1HeliFv6BjHAa_0r-fEOitVwUiHODkTTUylQcNRnKmTbXYoY7RwB3o4F3vF8UHijidpXBwXViXucAEgumkisAD4AQBkgUECAQYAZIFBAgFGASgBjeAB_KX7imoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ5fIK0ggHCIBhEAEYHYAKA8gLAdgTDbIXGgoYCAASFHB1Yi05OTUyOTM2MTg2ODcwODAy&sigh=LeU_JX31FHw&template_id=492&tpd=AGWhJmtHZjBfMRvmB1qnsiKkRD482WEC_sJ93jhfL6BIytvEwg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 7B00 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnfeh4bt4uMnwKkOTEceGWKNNzsWTX7PtTBvWc97FXXCb3jlquA8tGQnO_wy66E5fKbTaPKpo0-prxG1eyTIC3Fbck-g
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B00 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 10:22:27 GMT
x-content-type-options
nosniff
server
cafe
age
20977
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Fri, 19 Mar 2021 10:22:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B00 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
35542
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 19 Mar 2021 06:19:42 GMT
1eeeec39fde7e20cd518.js
yastatic.net/partner-code-bundles/14159/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/14159/1eeeec39fde7e20cd518.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
16af007dda36563ee2ba4c131767b7cb930c45ab183b3ed95ece1c33f7d2536f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://www.kufar.by
Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:04 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4197
last-modified
Mon, 15 Mar 2021 08:10:16 GMT
server
nginx/1.17.9
etag
"9e5af20018d3d2e66ac7606731933d8c"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Mar 2051 22:44:23 GMT
8da3847acaf39220e8f4.js
yastatic.net/partner-code-bundles/14159/ 		391 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/14159/8da3847acaf39220e8f4.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
793edecc64bab6c0fe357a21137b9a7a680b69c5ed7abc071df5cfd5620c9bd3
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://www.kufar.by
Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:04 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
82944
last-modified
Mon, 15 Mar 2021 08:10:16 GMT
server
nginx/1.17.9
etag
"6297d122fed98bfc9cb2eda5256ef76f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Mar 2051 22:44:23 GMT
ffc8973b018f6b603321.js
yastatic.net/partner-code-bundles/14159/ 		270 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/14159/ffc8973b018f6b603321.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2d3503504608acea144c8ea7c97b485ef46d4424ad1db3f9cfde31fc1aab5068
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://www.kufar.by
Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:04 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
45490
last-modified
Mon, 15 Mar 2021 08:10:17 GMT
server
nginx/1.17.9
etag
"239659bb68ad4ca6f606d4a202a9ff99"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Mar 2051 22:44:23 GMT
1
mc.yandex.ru/watch/19426846/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/19426846/1?page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A1%3Als%3A1518729547175%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171204%3Aet%3A1616083925%3Ac%3A1%3Arn%3A223169372%3Au%3A1616083923488741529%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616083920390%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C1457%2C4%2C%2C%2C%2C2557%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C1186%2C3%2C%2C%2C%2C2557%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616083925
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:04 GMT
last-modified
Thu, 18-Mar-2021 16:12:04 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 60EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO_5I26qL19M9D3W5bgDfOPpO5RA3KrKVsn2C2NrRCKt9E4Njlfbaax1iizjLZcMZ1U1eKp7NALdarxT-6flQeob34DmZZOpMHSHiJlv2zuCrXiU47rgX1iDBFkAsOHAzYGbK5_ntlX4MGlddBWNkSMAmIC3SUE-HJSLlSa1Pz-x89Fn8bSpgRbYmE1iFdqwjFFyhZrBHRGSw0geqbM6ktptEa9UFIJF6Hafdcnui2EuFSQQaAQvStwhdm4orlPAcnYyw9o9TKevnhdFW97GSQ4TTmhRQDPddMKfmc08X2NfJ6eoP3WP61GFfYktFbvaDrhmCee3MsBjp_cw&sig=Cg0ArKJSzATJrqW-tBZvEAE&urlfix=1&adurl=
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 16:12:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
t.js
hintfly.com/ Frame 60EA 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
71b61d0f83d5e8a0b4503754a4d5530b32ba8c66caaeb3a5444dc7f8e69422be

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:05 GMT
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
8rAZ_kOafEN6uWeuRM4y7hArEBmEo08x4r2ZLl5g8KejQ61B1dkRkQ==
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 60EA 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Thu, 18 Mar 2021 16:12:04 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Thu, 18 Mar 2021 16:12:04 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-64831541-3&cid=1129222434.1616083922&jid=1820503268&gjid=1733254689&_gid=791487872.1616083922&_u=aGDAAEACQAAAAC~&z=610274655
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 18 Mar 2021 16:12:04 GMT
content-type
text/plain
access-control-allow-origin
https://www.kufar.by
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-64831541-3&cid=1129222434.1616083922&jid=1766766270&_u=aGDAAEADQAAAAC~&z=1328564950
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-64831541-3&cid=1129222434.1616083922&jid=1766766270&_u=aGDAAEADQAAAAC~&z=1328564950
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
y300
avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/y300
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
09cd78d927dcb725c0a40c0fa03a201c211c37b4ff700de66088a0d75da44cfb

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:04 GMT
last-modified
Wed, 16 Sep 2020 06:07:29 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
9570
x-request-id
c6bdd44b03bc83e
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7B00 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.kufar.by
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:27:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
251065
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:27:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7B00 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.kufar.by
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
249617
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:51:47 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7B00 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.kufar.by
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:42:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:51 GMT
server
sffe
age
66581
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9900
x-xss-protection
0
expires
Thu, 17 Mar 2022 21:42:23 GMT
v2
an.yandex.ru/adfox/274487/getBulk/
Redirect Chain
  • https://an.yandex.ru/adfox/274487/getBulk/v2?dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.961%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=1425830529&pr=3487601758&prr=&pv=17&pw=4...
  • https://an.yandex.ru/adfox/274487/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.961%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=1425830529&pr=3487601758...
171 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/274487/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.961%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=1425830529&pr=3487601758&prr=&pv=17&pw=4&extid_loader=&extid_tag_loader=www.kufar.by&ylv=0.3051&ybv=0.3050&ytt=550855331285013&is-turbo=0&skip-token=&ad-session-id=7252771616083922389&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A994%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=Sso4smXS82miyThDZvEaLk_HE3707ErlIwrmdWa9-oJZA44XTdY5EBaQxGmzszIRxcQn4VYLPBXgAli70pP-sA8u9U-DP8UDuZsd_969peuEFyxxl0PJ80kRzCUANd3sC184njmlwMOGtBtwEl2O_bCXNZfn_MeOT94HKoYvv32RJgn5mX6t8g%3D%3D&matchid-cookies-sign=FXGAtXCLEz_dRlHWkbziDQ%3D%3D&puid16=0&puid17=0&puid20=10&puid30=&puid31=&puid32=N&puid34=&puid35=&puid37=&puid36=&p1=cbivx&p2=gadt&slotNumber=2&matchid-direct=1&bids=W10%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCwLiAKM9Ca0L7RgdGC0Y7QvCAKM9CU0LbQuNC90YHRiyDQtNCy0LUg0L_QsNGA0YsgOS4xMCDQu9C10YIuINCU0LXRiNC10LLQvi4gCjPQlNC20LjQvdGB0Ysg0LTQu9GPINCx0LXRgNC10LzQtdC90L3Ri9GFIERhRmV5YSDRgCA0Ni00OCAoTCkgCjPQodGC0YPQuyAKM9Cb0L7RgiDQv9C-0LPRgNC10LzRg9GI0LXQuiwg0L_RgNC-0YDQtdC30L7QstCw0YLQtdC70Lgs0L3QsCDQutC-0LvRj9GB0LrRgyzQvdCwINGB0YLQvtC70LjQuiAKM9Ch0LzQtdGB0LjRgtC10LvRjCDQutGD0YXQvtC90L3Ri9C5INCd0J7QktCr0Jkg0L3QsCDQs9Cw0YDQsNC90YLQuNC4IAoz0JTRgNC10LvRjCDRg9C00LDRgNC90LDRjyBQUk9DUkFGVCBHRVJNQU5ZIAoz0KLQtdGC0YDQsNC00Ywg0KXQuNC80LjRjyA5INC60LvQsNGB0YEgCjPQp9C10YjRgdC60LjQuSDQtNC-0LzQuNC90LDQvdGC&utf8=%E2%9C%93
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
fe0ad3d792195d812478a9b0ba4eba480871d74fd1911c17535800d42b136bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:05 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:05 GMT
location
https://an.yandex.ru/adfox/274487/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.961%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=1425830529&pr=3487601758&prr=&pv=17&pw=4&extid_loader=&extid_tag_loader=www.kufar.by&ylv=0.3051&ybv=0.3050&ytt=550855331285013&is-turbo=0&skip-token=&ad-session-id=7252771616083922389&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A994%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=Sso4smXS82miyThDZvEaLk_HE3707ErlIwrmdWa9-oJZA44XTdY5EBaQxGmzszIRxcQn4VYLPBXgAli70pP-sA8u9U-DP8UDuZsd_969peuEFyxxl0PJ80kRzCUANd3sC184njmlwMOGtBtwEl2O_bCXNZfn_MeOT94HKoYvv32RJgn5mX6t8g%3D%3D&matchid-cookies-sign=FXGAtXCLEz_dRlHWkbziDQ%3D%3D&puid16=0&puid17=0&puid20=10&puid30=&puid31=&puid32=N&puid34=&puid35=&puid37=&puid36=&p1=cbivx&p2=gadt&slotNumber=2&matchid-direct=1&bids=W10%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCwLiAKM9Ca0L7RgdGC0Y7QvCAKM9CU0LbQuNC90YHRiyDQtNCy0LUg0L_QsNGA0YsgOS4xMCDQu9C10YIuINCU0LXRiNC10LLQvi4gCjPQlNC20LjQvdGB0Ysg0LTQu9GPINCx0LXRgNC10LzQtdC90L3Ri9GFIERhRmV5YSDRgCA0Ni00OCAoTCkgCjPQodGC0YPQuyAKM9Cb0L7RgiDQv9C-0LPRgNC10LzRg9GI0LXQuiwg0L_RgNC-0YDQtdC30L7QstCw0YLQtdC70Lgs0L3QsCDQutC-0LvRj9GB0LrRgyzQvdCwINGB0YLQvtC70LjQuiAKM9Ch0LzQtdGB0LjRgtC10LvRjCDQutGD0YXQvtC90L3Ri9C5INCd0J7QktCr0Jkg0L3QsCDQs9Cw0YDQsNC90YLQuNC4IAoz0JTRgNC10LvRjCDRg9C00LDRgNC90LDRjyBQUk9DUkFGVCBHRVJNQU5ZIAoz0KLQtdGC0YDQsNC00Ywg0KXQuNC80LjRjyA5INC60LvQsNGB0YEgCjPQp9C10YjRgdC60LjQuSDQtNC-0LzQuNC90LDQvdGC&utf8=%E2%9C%93
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:05 GMT
v2
an.yandex.ru/adfox/274487/getBulk/
Redirect Chain
  • https://an.yandex.ru/adfox/274487/getBulk/v2?dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.988%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=969046527&pr=3487601758&prr=&pv=17&pw=4&...
  • https://an.yandex.ru/adfox/274487/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.988%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=969046527&pr=3487601758&...
170 B
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/274487/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.988%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=969046527&pr=3487601758&prr=&pv=17&pw=4&extid_loader=&extid_tag_loader=www.kufar.by&ylv=0.3051&ybv=0.3050&ytt=550855331285013&is-turbo=0&skip-token=&ad-session-id=7252771616083922389&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A994%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=Sso4smXS82miyThDZvEaLk_HE3707ErlIwrmdWa9-oJZA44XTdY5EBaQxGmzszIRxcQn4VYLPBXgAli70pP-sA8u9U-DP8UDuZsd_969peuEFyxxl0PJ80kRzCUANd3sC184njmlwMOGtBtwEl2O_bCXNZfn_MeOT94HKoYvv32RJgn5mX6t8g%3D%3D&matchid-cookies-sign=FXGAtXCLEz_dRlHWkbziDQ%3D%3D&puid16=0&puid17=0&puid20=10&puid30=&puid31=&puid32=N&puid34=&puid35=&puid37=&puid36=&p1=cdehi&p2=gadt&slotNumber=3&matchid-direct=1&bids=W10%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCwLiAKM9Ca0L7RgdGC0Y7QvCAKM9CU0LbQuNC90YHRiyDQtNCy0LUg0L_QsNGA0YsgOS4xMCDQu9C10YIuINCU0LXRiNC10LLQvi4gCjPQlNC20LjQvdGB0Ysg0LTQu9GPINCx0LXRgNC10LzQtdC90L3Ri9GFIERhRmV5YSDRgCA0Ni00OCAoTCkgCjPQodGC0YPQuyAKM9Cb0L7RgiDQv9C-0LPRgNC10LzRg9GI0LXQuiwg0L_RgNC-0YDQtdC30L7QstCw0YLQtdC70Lgs0L3QsCDQutC-0LvRj9GB0LrRgyzQvdCwINGB0YLQvtC70LjQuiAKM9Ch0LzQtdGB0LjRgtC10LvRjCDQutGD0YXQvtC90L3Ri9C5INCd0J7QktCr0Jkg0L3QsCDQs9Cw0YDQsNC90YLQuNC4IAoz0JTRgNC10LvRjCDRg9C00LDRgNC90LDRjyBQUk9DUkFGVCBHRVJNQU5ZIAoz0KLQtdGC0YDQsNC00Ywg0KXQuNC80LjRjyA5INC60LvQsNGB0YEgCjPQp9C10YjRgdC60LjQuSDQtNC-0LzQuNC90LDQvdGC&utf8=%E2%9C%93
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
d7b563acc38dd793f7904bbf6ec8188861a5581838e6cfea104ed8ca3e8fe2f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:05 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:05 GMT
location
https://an.yandex.ru/adfox/274487/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A04.988%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=969046527&pr=3487601758&prr=&pv=17&pw=4&extid_loader=&extid_tag_loader=www.kufar.by&ylv=0.3051&ybv=0.3050&ytt=550855331285013&is-turbo=0&skip-token=&ad-session-id=7252771616083922389&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A994%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=Sso4smXS82miyThDZvEaLk_HE3707ErlIwrmdWa9-oJZA44XTdY5EBaQxGmzszIRxcQn4VYLPBXgAli70pP-sA8u9U-DP8UDuZsd_969peuEFyxxl0PJ80kRzCUANd3sC184njmlwMOGtBtwEl2O_bCXNZfn_MeOT94HKoYvv32RJgn5mX6t8g%3D%3D&matchid-cookies-sign=FXGAtXCLEz_dRlHWkbziDQ%3D%3D&puid16=0&puid17=0&puid20=10&puid30=&puid31=&puid32=N&puid34=&puid35=&puid37=&puid36=&p1=cdehi&p2=gadt&slotNumber=3&matchid-direct=1&bids=W10%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCwLiAKM9Ca0L7RgdGC0Y7QvCAKM9CU0LbQuNC90YHRiyDQtNCy0LUg0L_QsNGA0YsgOS4xMCDQu9C10YIuINCU0LXRiNC10LLQvi4gCjPQlNC20LjQvdGB0Ysg0LTQu9GPINCx0LXRgNC10LzQtdC90L3Ri9GFIERhRmV5YSDRgCA0Ni00OCAoTCkgCjPQodGC0YPQuyAKM9Cb0L7RgiDQv9C-0LPRgNC10LzRg9GI0LXQuiwg0L_RgNC-0YDQtdC30L7QstCw0YLQtdC70Lgs0L3QsCDQutC-0LvRj9GB0LrRgyzQvdCwINGB0YLQvtC70LjQuiAKM9Ch0LzQtdGB0LjRgtC10LvRjCDQutGD0YXQvtC90L3Ri9C5INCd0J7QktCr0Jkg0L3QsCDQs9Cw0YDQsNC90YLQuNC4IAoz0JTRgNC10LvRjCDRg9C00LDRgNC90LDRjyBQUk9DUkFGVCBHRVJNQU5ZIAoz0KLQtdGC0YDQsNC00Ywg0KXQuNC80LjRjyA5INC60LvQsNGB0YEgCjPQp9C10YjRgdC60LjQuSDQtNC-0LzQuNC90LDQvdGC&utf8=%E2%9C%93
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:05 GMT
events
bidder.criteo.com/csm/ 		0
142 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.kufar.by
date
Thu, 18 Mar 2021 16:12:04 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:05 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 13 Mar 2022 16:12:05 GMT
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:05 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 13 Mar 2022 16:12:05 GMT
bidder_18.html
cache.betweendigital.com/code/ Frame 04D4 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=69291ac4-30b5-514d-9155-0342f1067890&CACHEBUSTER=374972
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=43236&randsalt=4738170687
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.254.23.213 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
a1c68fd2bd2ee4b4f547e60af04ee988f48aade799a957f6c82720b347620ad7

Request headers

:method
GET
:authority
cache.betweendigital.com
:scheme
https
:path
/code/bidder_18.html?USER_ID=69291ac4-30b5-514d-9155-0342f1067890&CACHEBUSTER=374972
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

server
nginx
date
Thu, 18 Mar 2021 16:12:05 GMT
content-type
text/html
last-modified
Fri, 22 Jan 2021 13:30:11 GMT
etag
W/"600ad363-1003"
content-encoding
gzip
match
ads.betweendigital.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D74c70018-5682-478e-81d4-85d34abe637d
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=8f986053-7bd5-4c00-8c3b-95ccc983b619&expires=30&ssp=between&bsw_param=74c70018-5682-478e-81d4-85d34abe637d
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=74c70018-5682-478e-81d4-85d34abe637d
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=74c70018-5682-478e-81d4-85d34abe637d
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=74c70018-5682-478e-81d4-85d34abe637d
date
Thu, 18 Mar 2021 16:12:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=DM7Q7fpi1G.AikABlF4Rhu43w
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=DM7Q7fpi1G.AikABlF4Rhu43w
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f6-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=DM7Q7fpi1G.AikABlF4Rhu43w
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=850edc836088f184f0e2d76d
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=850edc836088f184f0e2d76d&crf=1
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=850edc836088f184f0e2d76d&crf=1
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=114&external_user_id=850edc836088f184f0e2d76d&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
ads.betweendigital.com/
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=69291ac4-30b5-514d-9155-0342f1067890
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjV982CBlIFvp7KygpiJDY5MjkxYWM0LTMwYjUtNTE0ZC05MTU1LTAzNDJmMTA2Nzg5MA**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjV982CBlIFvp7KygpiJDY5MjkxYWM0LTMwYjUtNTE0ZC05MTU1LTAzNDJmMTA2Nzg5MKIBEK58wGiIBBHrhuAAJZDAZHw*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjV982CBmIkNjkyOTFhYzQtMzBiNS01MTRkLTkxNTUtMDM0MmYxMDY3ODkwogEQrnzAaIgEEeuG4AAlkMBkfA**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARjV982CBmIkNjkyOTFhYzQtMzBiNS01MTRkLTkxNTUtMDM0MmYxMDY3ODkwogEQrnzAaIgEEeuG4AAlkMBkfA**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=ae7cc068-8804-11eb-86e0-002590c0647c
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=ae7cc068-8804-11eb-86e0-002590c0647c
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 18 Mar 2021 16:12:05 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//ads.betweendigital.com/match?bidder_id=18&external_user_id=ae7cc068-8804-11eb-86e0-002590c0647c
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
1
mc.yandex.ru/watch/357986/
Redirect Chain
  • https://mc.yandex.ru/watch/357986?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf...
  • https://mc.yandex.ru/watch/357986/1?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Au...
35 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/357986/1?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A2%3Adp%3A0%3Als%3A1404781688786%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171205%3Aet%3A1616083925%3Ac%3A1%3Arn%3A994074304%3Au%3A1616083925496533539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616083920390%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616083925%3At%3A%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 18-Mar-2021 16:12:05 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:05 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
last-modified
Thu, 18-Mar-2021 16:12:05 GMT
location
/watch/357986/1?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A2%3Adp%3A0%3Als%3A1404781688786%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171205%3Aet%3A1616083925%3Ac%3A1%3Arn%3A994074304%3Au%3A1616083925496533539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616083920390%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616083925%3At%3A%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:05 GMT
kufar-reply-time
api.houston.advgo.net/v1/houston/configs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.houston.advgo.net/v1/houston/configs/kufar-reply-time?platform=web&tenant=kufar&environmentId=f624d898-5f92-42ea-a14f-31bd4542ca6d
Protocol
H2
Server
34.248.155.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-155-99.eu-west-1.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.kufar.by
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
openresty/1.15.8.2
date
Thu, 18 Mar 2021 16:12:05 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-origin
*
access-control-allow-methods
OPTIONS
access-control-allow-headers
Cache-Control, Content-Type, Pragma, x-requested-with, x-test-request
access-control-max-age
86400
sync
cis.mpianalytics.com/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cis.mpianalytics.com/api/v1/sync?ANID=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcis.mpianalytics.com%2Fapi%2Fv1%2Fsync%3FANID%3D%24UID
  • https://cis.mpianalytics.com/api/v1/sync?ANID=3170010058389607609
0
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cis.mpianalytics.com/api/v1/sync?ANID=3170010058389607609
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.141.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-141-160.eu-west-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:04 GMT
Server
Finatra
Connection
keep-alive
Access-Control-Allow-Methods
GET, OPTIONS

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:05 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.148:80
AN-X-Request-Uuid
fff6c9b2-808a-4b02-94ce-c9c6736d3002
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cis.mpianalytics.com/api/v1/sync?ANID=3170010058389607609
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
kufar-reply-time
api.houston.advgo.net/v1/houston/configs/ 		582 B
515 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.houston.advgo.net/v1/houston/configs/kufar-reply-time?platform=web&tenant=kufar&environmentId=f624d898-5f92-42ea-a14f-31bd4542ca6d
Requested by
Host: content.kufar.by
URL: https://content.kufar.by/static/kufar-fe-listings/_next/static/YzKO67f5HLVKFXhBOlRdv/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.248.155.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-155-99.eu-west-1.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
950d9493e8e4e1c40210193671a0ea5120029a2069527ded5adeb5dd704b4d6e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=1500
server
openresty/1.15.8.2
content-encoding
gzip
date
Thu, 18 Mar 2021 16:12:05 GMT
content-type
application/json; charset=UTF-8
ga-audiences
www.google.com/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-64831541-3&cid=1129222434.1616083922&jid=1820503268&_u=aGDAAEACQAAAAC~&z=314404003
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-64831541-3&cid=1129222434.1616083922&jid=1820503268&_u=aGDAAEACQAAAAC~&z=314404003
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 60EA 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c85cf7fde666488f4d0c956e7ac3ab0f2eff998805b9624c8ee203fac5009332

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7B00
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 18 Mar 2021 16:12:05 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
0468825197.jpg
yams.kufar.by/api/v1/kufar-ads/images/04/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/04/0468825197.jpg?rule=line_thumbs
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
a3925f750a40fd373233b0695a684bcfc2fcc7908e49c0c470fe75bf71a14b7f

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:01 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
a76f0848e1861641f7221f6f67a8cea2
age
4
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
293bf1a4-0bc2-4f1f-96d4-e89d01bab094
x-from-cache
false
content-length
5958
x-request-id
293bf1a4-0bc2-4f1f-96d4-e89d01bab094
last-modified
Thu, 18 Mar 2021 16:12:01 GMT
etag
"1f2de6b475560fdda5ee9e8fba47eae59175146d104b16c5170baca3a3e3c4a7"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
jleVt5LDyEFJGPiTnLg-GuVvCrlaMEgwH4uqe6mSznOHc3gAnZvHnw==
0486259540.jpg
yams.kufar.by/api/v1/kufar-ads/images/04/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/04/0486259540.jpg?rule=line_thumbs
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
5780041612840d8ffb1fdb45f13022663ab68ac0fe76ceca76610fbae0f74515

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:11:53 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
52d2c8ddd25ecfe42fcad0f427eda370
age
12
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
f8e41723-a511-4656-abf5-317b1287c7cb
x-from-cache
true
content-length
4437
x-request-id
f8e41723-a511-4656-abf5-317b1287c7cb
last-modified
Thu, 18 Mar 2021 16:11:49 GMT
etag
"9b0da40ffa93c9b6482683854162b3bafcac3b92336243972d609af23b66c18b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
_jAbHfVFYrVe7a6yf8ErBn1K1m5KlRu7Qd6wolxnzAnCHCIFrfibmw==
0478332214.jpg
yams.kufar.by/api/v1/kufar-ads/images/04/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/04/0478332214.jpg?rule=line_thumbs
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
904c36c6e12c71de568bc6bd181d3fbe5f18d110a14d5cbcd6ee701809377820

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:11:53 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
afab1a6fbd54df90e194953779954410
age
12
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
afd97fde-9db6-421b-b59e-832e5f8ebc67
x-from-cache
false
content-length
8243
x-request-id
afd97fde-9db6-421b-b59e-832e5f8ebc67
last-modified
Thu, 18 Mar 2021 16:11:53 GMT
etag
"210c4373042ab3c8baa5f4a61f68ebe5ef2cefad3a2d38c4b1f537bf705975c0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
cr7bO7dLx9vEtsZhAwWbUtPCNZF_s7Orv0o9ynByyUhQiSh4Pw_xcA==
downsize_200k_v1
tpc.googlesyndication.com/simgad/11404690914431968940/ Frame 7B00 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11404690914431968940/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qml_QMFwFVA5g6eJHTQR12k1attcg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f374efb40f6472c5fcb54c98d5e0abcc0800f27ed6aaf3716fa719e27de56f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 20:42:03 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 19:14:06 GMT
server
sffe
age
156602
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75528
x-xss-protection
0
expires
Wed, 16 Mar 2022 20:42:03 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16115170791357833/ Frame 7B00 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16115170791357833/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qkjTBQ6_nCBUKrw9DxeYe6a3xb80Q
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
855a1d75870327eb4df4cdd51fff7a55a9be8ee0b2e7de65121eded88be1e582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 09:59:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 19:14:04 GMT
server
sffe
age
454356
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5786
x-xss-protection
0
expires
Sun, 13 Mar 2022 09:59:29 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B00 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 10:22:27 GMT
x-content-type-options
nosniff
server
cafe
age
20978
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Fri, 19 Mar 2021 10:22:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B00 		344 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
35543
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 19 Mar 2021 06:19:42 GMT
usersync
hintfly.com/ Frame 486C 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=bf015d70a3a80b28dcfcaab0028c62888&cb=8512311616083925335
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/usersync?i=ru2f6xrns6cv15e4g0d&a=bf015d70a3a80b28dcfcaab0028c62888&cb=8512311616083925335
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
w90BH6T15XitFv8gtE_N0dCVqNKDJHQnH82RzPm3_-FzcmUdyTNuoA==
usync
hintfly.com/ Frame B264 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/usync?i=ru2f6xrns6cv15e4g0d&a=6b2026d8113c11f7a3bffd30bb4cd5ee3&cb=7599521616083925339
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/usync?i=ru2f6xrns6cv15e4g0d&a=6b2026d8113c11f7a3bffd30bb4cd5ee3&cb=7599521616083925339
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
5njFCp6zUJ7Nv0EH1PTN-Zu_E9VgS1oKucnyPzlmcEDaXFgGOAnFvg==
usersync
hintfly.com/ Frame 7693 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=4ed6eeb336911afb06f562c641e1127f3&cb=5646731616083925362
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/usersync?i=ru2f6xrns6cv15e4g0d&a=4ed6eeb336911afb06f562c641e1127f3&cb=5646731616083925362
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
PRyB_uK4B5v5WBSixVfCrQDzJSTQA2t_TseM8qsQxpVMG4Do8dx5xw==
count
hintfly.com/ Frame CBD6 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/count?i=ru2f6xrns6cv15e4g0d&a=7e9062b3199e9fdcd0b17ad4378abf223&cb=2483901616083925374
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/count?i=ru2f6xrns6cv15e4g0d&a=7e9062b3199e9fdcd0b17ad4378abf223&cb=2483901616083925374
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
QworkbrpHBv2zsZgqNc9ySEWyc1tbN1CNRNyYCDMQ-SP3jB8QSGRAg==
usersync
hintfly.com/ Frame 9F03 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=0985d75b167cb55355af6f666d6421e43&cb=6062091616083925385
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/usersync?i=ru2f6xrns6cv15e4g0d&a=0985d75b167cb55355af6f666d6421e43&cb=6062091616083925385
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
NnKfJyQtTjH50LP3VhtDBFmkDN3dXwLNRQBm_6x1sr2u5DO0J5nyQA==
send
hintfly.com/ Frame 263D 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/send?i=ru2f6xrns6cv15e4g0d&a=b571a97c9be7d1867fcf8fa73d68bfca3&cb=4031341616083925392
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/send?i=ru2f6xrns6cv15e4g0d&a=b571a97c9be7d1867fcf8fa73d68bfca3&cb=4031341616083925392
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
nvNPEuHR_lV70QD90QNEolV5VsPznVG8p-kgsBC-0hjMKLKfJQFOAw==
usync
hintfly.com/ Frame 3937 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/usync?i=ru2f6xrns6cv15e4g0d&a=7a89c712839bf07b617492706c3ce4471&cb=7801551616083925403
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/usync?i=ru2f6xrns6cv15e4g0d&a=7a89c712839bf07b617492706c3ce4471&cb=7801551616083925403
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
mkYetFqRI5qyb1Y2SWZsV_fACdFuyA_0QIn4MZN0B9_WPckod6DrDQ==
stat
hintfly.com/ Frame 12B1 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/stat?i=ru2f6xrns6cv15e4g0d&a=739f72dbfc796f625f351130631a79b57&cb=8666291616083925415
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/stat?i=ru2f6xrns6cv15e4g0d&a=739f72dbfc796f625f351130631a79b57&cb=8666291616083925415
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
7xhx2nVwCYB2w0w5oTqTIauBhM3b1chefv2gOdSSKhJDa5LR6NkHhw==
usync
hintfly.com/ Frame FC91 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/usync?i=ru2f6xrns6cv15e4g0d&a=97e08cdfa385d8be07928af674b97c139&cb=9263891616083925422
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/usync?i=ru2f6xrns6cv15e4g0d&a=97e08cdfa385d8be07928af674b97c139&cb=9263891616083925422
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
3s45sAhJvA9AaosHUWwyMDeybznTJ_9mDATeanyMlomiYuB3k6xOeQ==
syncro
hintfly.com/ Frame FBEF 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/syncro?i=ru2f6xrns6cv15e4g0d&a=83064ecd2103e9f1086580d44f903b249&cb=5940071616083925428
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/syncro?i=ru2f6xrns6cv15e4g0d&a=83064ecd2103e9f1086580d44f903b249&cb=5940071616083925428
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
4foJdhRrR9VCzLOVw1rSzeCpAeRFkFOOfFGQrxZ3Atbv3b0I8VAjeA==
usersync
hintfly.com/ Frame B5AF 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=4ee4dc933a02730c4861ea207900c3f39&cb=3388011616083925434
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/usersync?i=ru2f6xrns6cv15e4g0d&a=4ee4dc933a02730c4861ea207900c3f39&cb=3388011616083925434
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
BEUy6N27F5C-atlTnZUshWQfVrtbOAA-HoCWRLy3iVswagc7Mqhkxw==
send
hintfly.com/ Frame 80AE 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hintfly.com/send?i=ru2f6xrns6cv15e4g0d&a=fb0672391895c0aae1e7aa0e53cc74483&cb=1999531616083925465
Requested by
Host: hintfly.com
URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88

Request headers

:method
GET
:authority
hintfly.com
:scheme
https
:path
/send?i=ru2f6xrns6cv15e4g0d&a=fb0672391895c0aae1e7aa0e53cc74483&cb=1999531616083925465
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=d9e6e1707bd619c2480eff5107a8a9e16912dad4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Mar 2021 16:12:05 GMT
x-cache
Miss from cloudfront
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
SiFGhOhV-2mc3NFkxgOnBTWWWRFFsE1YkfumEKxkC7kjtHr_8BzT9w==
sdrn:schibsted:client:kufarby
collector.mpianalytics.com/api/v1/track/ 		79 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://collector.mpianalytics.com/api/v1/track/sdrn:schibsted:client:kufarby
Requested by
Host: content.kufar.by
URL: https://content.kufar.by/static/kufar-fe-listings/_next/static/YzKO67f5HLVKFXhBOlRdv/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.47.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-47-170.eu-west-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
90687150c18ec51580a40877532d01b82c479d207966f5b51972f0efee916f18

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.kufar.by
date
Thu, 18 Mar 2021 16:12:05 GMT
content-encoding
gzip
server
Finatra
content-length
88
content-type
text/plain; charset=utf-8
sdrn:schibsted:client:kufarby
collector.mpianalytics.com/api/v1/track/ 		79 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://collector.mpianalytics.com/api/v1/track/sdrn:schibsted:client:kufarby
Requested by
Host: content.kufar.by
URL: https://content.kufar.by/static/kufar-fe-listings/_next/static/YzKO67f5HLVKFXhBOlRdv/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.47.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-47-170.eu-west-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
90687150c18ec51580a40877532d01b82c479d207966f5b51972f0efee916f18

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.kufar.by
date
Thu, 18 Mar 2021 16:12:05 GMT
content-encoding
gzip
server
Finatra
content-length
88
content-type
text/plain; charset=utf-8
v2
an.yandex.ru/adfox/274487/getBulk/ 		32 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/274487/getBulk/v2?dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A05.596%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=1116093011&pr=3487601758&prr=&pv=17&pw=4&extid_loader=&extid_tag_loader=www.kufar.by&ylv=0.3051&ybv=0.3050&ytt=550855331285013&is-turbo=0&skip-token=&ad-session-id=7252771616083922389&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A994%2C%22h%22%3A300%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=Sso4smXS82miyThDZvEaLk_HE3707ErlIwrmdWa9-oJZA44XTdY5EBaQxGmzszIRxcQn4VYLPBXgAli70pP-sA8u9U-DP8UDuZsd_969peuEFyxxl0PJ80kRzCUANd3sC184njmlwMOGtBtwEl2O_bCXNZfn_MeOT94HKoYvv32RJgn5mX6t8g%3D%3D&matchid-cookies-sign=FXGAtXCLEz_dRlHWkbziDQ%3D%3D&puid16=0&puid17=0&puid30=&puid31=&puid32=N&puid34=&puid35=&puid36=&p1=ckjmf&p2=gard&slotNumber=4&matchid-direct=1&bids=W10%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCwLiAKM9Ca0L7RgdGC0Y7QvCAKM9CU0LbQuNC90YHRiyDQtNCy0LUg0L_QsNGA0YsgOS4xMCDQu9C10YIuINCU0LXRiNC10LLQvi4gCjPQlNC20LjQvdGB0Ysg0LTQu9GPINCx0LXRgNC10LzQtdC90L3Ri9GFIERhRmV5YSDRgCA0Ni00OCAoTCkgCjPQodGC0YPQuyAKM9Cb0L7RgiDQv9C-0LPRgNC10LzRg9GI0LXQuiwg0L_RgNC-0YDQtdC30L7QstCw0YLQtdC70Lgs0L3QsCDQutC-0LvRj9GB0LrRgyzQvdCwINGB0YLQvtC70LjQuiAKM9Ch0LzQtdGB0LjRgtC10LvRjCDQutGD0YXQvtC90L3Ri9C5INCd0J7QktCr0Jkg0L3QsCDQs9Cw0YDQsNC90YLQuNC4IAoz0JTRgNC10LvRjCDRg9C00LDRgNC90LDRjyBQUk9DUkFGVCBHRVJNQU5ZIAoz0KLQtdGC0YDQsNC00Ywg0KXQuNC80LjRjyA5INC60LvQsNGB0YEgCjPQp9C10YjRgdC60LjQuSDQtNC-0LzQuNC90LDQvdGC&utf8=%E2%9C%93
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9b8ffd7a45490ece6534884cc94ee76b07713ca019b12a1a18e3dcc181592459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:05 GMT
v2
an.yandex.ru/adfox/274487/getBulk/ 		32 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/274487/getBulk/v2?dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A05.607%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=411841765&pr=3487601758&prr=&pv=17&pw=4&extid_loader=&extid_tag_loader=www.kufar.by&ylv=0.3051&ybv=0.3050&ytt=550855331285013&is-turbo=0&skip-token=&ad-session-id=7252771616083922389&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A994%2C%22h%22%3A300%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=Sso4smXS82miyThDZvEaLk_HE3707ErlIwrmdWa9-oJZA44XTdY5EBaQxGmzszIRxcQn4VYLPBXgAli70pP-sA8u9U-DP8UDuZsd_969peuEFyxxl0PJ80kRzCUANd3sC184njmlwMOGtBtwEl2O_bCXNZfn_MeOT94HKoYvv32RJgn5mX6t8g%3D%3D&matchid-cookies-sign=FXGAtXCLEz_dRlHWkbziDQ%3D%3D&puid16=0&puid17=0&puid30=&puid31=&puid32=N&puid34=&puid35=&puid36=&p1=ckjmg&p2=gard&slotNumber=5&matchid-direct=1&bids=W10%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCwLiAKM9Ca0L7RgdGC0Y7QvCAKM9CU0LbQuNC90YHRiyDQtNCy0LUg0L_QsNGA0YsgOS4xMCDQu9C10YIuINCU0LXRiNC10LLQvi4gCjPQlNC20LjQvdGB0Ysg0LTQu9GPINCx0LXRgNC10LzQtdC90L3Ri9GFIERhRmV5YSDRgCA0Ni00OCAoTCkgCjPQodGC0YPQuyAKM9Cb0L7RgiDQv9C-0LPRgNC10LzRg9GI0LXQuiwg0L_RgNC-0YDQtdC30L7QstCw0YLQtdC70Lgs0L3QsCDQutC-0LvRj9GB0LrRgyzQvdCwINGB0YLQvtC70LjQuiAKM9Ch0LzQtdGB0LjRgtC10LvRjCDQutGD0YXQvtC90L3Ri9C5INCd0J7QktCr0Jkg0L3QsCDQs9Cw0YDQsNC90YLQuNC4IAoz0JTRgNC10LvRjCDRg9C00LDRgNC90LDRjyBQUk9DUkFGVCBHRVJNQU5ZIAoz0KLQtdGC0YDQsNC00Ywg0KXQuNC80LjRjyA5INC60LvQsNGB0YEgCjPQp9C10YjRgdC60LjQuSDQtNC-0LzQuNC90LDQvdGC&utf8=%E2%9C%93
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
15920dbfb5f27386aecb059e9356dc191c0d350699f17f649ccf01043b1fca44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:05 GMT
v2
an.yandex.ru/adfox/274487/getBulk/ 		19 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/274487/getBulk/v2?dl=https%3A%2F%2Fwww.kufar.by%2Flistings&date=2021-03-18T17%3A12%3A05.613%2B01%3A00&pd=18&pdh=1200&pdw=1600&pr1=4205135856&pr=3487601758&prr=&pv=17&pw=4&extid_loader=&extid_tag_loader=www.kufar.by&ylv=0.3051&ybv=0.3050&ytt=550855331285013&is-turbo=0&skip-token=&ad-session-id=7252771616083922389&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A994%2C%22h%22%3A300%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=Sso4smXS82miyThDZvEaLk_HE3707ErlIwrmdWa9-oJZA44XTdY5EBaQxGmzszIRxcQn4VYLPBXgAli70pP-sA8u9U-DP8UDuZsd_969peuEFyxxl0PJ80kRzCUANd3sC184njmlwMOGtBtwEl2O_bCXNZfn_MeOT94HKoYvv32RJgn5mX6t8g%3D%3D&matchid-cookies-sign=FXGAtXCLEz_dRlHWkbziDQ%3D%3D&puid16=0&puid17=0&puid30=&puid31=&puid32=N&puid34=&puid35=&puid36=&p1=ckjmh&p2=gard&slotNumber=6&matchid-direct=1&bids=W10%3D&grab=dNCa0YPRhNCw0YAg0LIg0JHQtdC70LDRgNGD0YHQuCAtINC00L7RgdC60LAg0LHQtdGB0L_Qu9Cw0YLQvdGL0YUg0L7QsdGK0Y_QstC70LXQvdC40LkgfCDQkdCw0YDQsNGF0L7Qu9C60LAg0LIg0JHQtdC70LDRgNGD0YHQuAoxS3VmYXIgLSDQv9C70L7RidCw0LTQutCwINC-0LHRitGP0LLQu9C10L3QuNC5INCyINCR0LXQu9Cw0YDRg9GB0LggCjLQlNCw0YDQuNC8IDUwINC60YPRhNC-0LIg0LfQsCDQv9C-0LrRg9C_0LrRgyDQuNC70Lgg0L_RgNC-0LTQsNC20YMg0YLQvtCy0LDRgNC-0LIhIAoy0JrRgNC10YHQu9C-LdC80LXRiNC-0LouINCi0LrQsNC90Ywg0JPQoNCV0KLQkC4g0JTQvtGB0YLQsNCy0LrQsCDQv9C-INCg0JEuINCh0LrQuNC00LrQuCAKMjEwMCUg0JDQutGA0LjQu9C-0LLQsNGPINCy0LDQvdC90LAgMTUwINGB0LwuINCf0L7Qu9GM0YjQsC4g0JTQvtGB0YLQsNCy0LrQsCAw0YDRg9CxIAoy0J_RgNC-0LTQsNC8INGB0LLQsNC00LXQsdC90L7QtSDQv9C70LDRgtGM0LUuIAoz0JfQsNC60LvQtdC_0LrQuCAKM9C60L7RgNC_0YPRgSDRgSDQtNCy0LQg0L_RgNC40LLQvtC00L7QvCDRgdCw0YLQsCAKM9Ca0YPQu9C10YAg0L_RgNC-0YbQtdGB0YHQvtGA0L3Ri9C5IAoz0LzQsNC90LjQutGO0YDQvdGL0LUg0L3QvtC20L3QuNGG0YsgCjPRgdCy0LXRgtC-0LTQuNC-0LTQvdGL0LUg0LvQsNC80L_QvtGH0LrQuCA2VyAKM2lQaG9uZSBYIDY0Z2IgCjPQmtC-0YHRgtGO0Lwg0YHQv9C-0YDRgtC40LLQvdGL0LkgCjPQn9C10YDRhNC-0YDQsNGC0L7RgCBTa2lsIDE3NjUgTUEgCjPQltC10L3RgdC60LjQtSDQtNC20LjQvdGB0YsgCjPQn9C-0LvRg9GB0LDQv9C-0LbQutC4INCd0LDRgi7QutC-0LbQsCDQndC-0LLRi9C1LCDRgC40MCAo0KDQsNGB0L_RgNC-0LTQsNC20LApIAoz0JbQuNC70LXRgtC60LAgCjPQqNGC0L7RgNGLIAoz0KPRgtGO0LbQvtC6INC00LvRjyDQstC-0LvQvtGBIAoz0JrQtdC00YsgRWNjbyAzNi0zNi41INGC0L7RgNCzIAoz0JrQvtGE0YLQvtGH0LrQsCDQvdCwINC00LXQstC-0YfQutGDIAoz0KHRgtC40YDQsNC70YzQvdCw0Y8g0LzQsNGI0LjQvdCwLiAKM9Ca0L7RgdGC0Y7QvCAKM9CU0LbQuNC90YHRiyDQtNCy0LUg0L_QsNGA0YsgOS4xMCDQu9C10YIuINCU0LXRiNC10LLQvi4gCjPQlNC20LjQvdGB0Ysg0LTQu9GPINCx0LXRgNC10LzQtdC90L3Ri9GFIERhRmV5YSDRgCA0Ni00OCAoTCkgCjPQodGC0YPQuyAKM9Cb0L7RgiDQv9C-0LPRgNC10LzRg9GI0LXQuiwg0L_RgNC-0YDQtdC30L7QstCw0YLQtdC70Lgs0L3QsCDQutC-0LvRj9GB0LrRgyzQvdCwINGB0YLQvtC70LjQuiAKM9Ch0LzQtdGB0LjRgtC10LvRjCDQutGD0YXQvtC90L3Ri9C5INCd0J7QktCr0Jkg0L3QsCDQs9Cw0YDQsNC90YLQuNC4IAoz0JTRgNC10LvRjCDRg9C00LDRgNC90LDRjyBQUk9DUkFGVCBHRVJNQU5ZIAoz0KLQtdGC0YDQsNC00Ywg0KXQuNC80LjRjyA5INC60LvQsNGB0YEgCjPQp9C10YjRgdC60LjQuSDQtNC-0LzQuNC90LDQvdGC&utf8=%E2%9C%93
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
09a29372ded58b5755d576055d2f1b8c9935de68aae650c03a9d44902dc21483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:05 GMT
1
mc.yandex.ru/watch/357986/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/357986/1?page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A1932%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A2%3Adp%3A0%3Als%3A1404781688786%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171205%3Aet%3A1616083926%3Ac%3A1%3Arn%3A576791043%3Au%3A1616083925496533539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616083920390%3Ads%3A12%2C225%2C589%2C275%2C269%2C0%2C%2C1457%2C4%2C%2C%2C%2C2557%3Adsn%3A11%2C226%2C589%2C274%2C268%2C0%2C%2C1186%2C3%2C%2C%2C%2C2557%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616083926
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
last-modified
Thu, 18-Mar-2021 16:12:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:05 GMT
357986
mc.yandex.ru/watch/ 		43 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/357986?page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A2%3Adp%3A0%3Als%3A1404781688786%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171205%3Aet%3A1616083926%3Ac%3A1%3Arn%3A642417762%3Au%3A1616083925496533539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616083920390%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616083926%3At%3A%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
last-modified
Thu, 18-Mar-2021 16:12:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:05 GMT
pxl.jpg
hintfly.com/ Frame 60EA 		597 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hintfly.com/pxl.jpg?i=ru2f6xrns6cv15e4g0d&s=524&p=https%3A%2F%2Fwww.kufar.by%2Flistings&rstk=https%3A%2F%2Fwww.kufar.by%2Flistings&h=9931351616083925710
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-99.dus51.r.cloudfront.net
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:05 GMT
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
content-length
597
x-amz-cf-id
gC0MWU-hBrvDeBwaqcev7JI5wtC6J9XiWv0xpyIQGfDe4-Tp96Mc9Q==
x-cache
Miss from cloudfront
content-type
image/jpeg; charset=UTF-8
0490639779.jpg
yams.kufar.by/api/v1/kufar-ads/images/04/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yams.kufar.by/api/v1/kufar-ads/images/04/0490639779.jpg?rule=line_thumbs
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-47.fra56.r.cloudfront.net
Software
/
Resource Hash
40b36736e20c4fc4c9d59075406fc5e85c16208bf4e406d93429c2a10910b398

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:11:52 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-md5
cc918e96d57ebe3a4ff4f99c62fad2c2
age
13
x-cache
Hit from cloudfront
x-schibsted_request_toplevel_uuid
c9bdf0c8-00ee-47b5-b4e7-b1699e0e00e7
x-from-cache
false
content-length
4600
x-request-id
c9bdf0c8-00ee-47b5-b4e7-b1699e0e00e7
last-modified
Thu, 18 Mar 2021 16:11:52 GMT
etag
"383ec2352b93e948699a25822d1c863a221e04ae6a36d37a543e2c6046e5feca"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
glmbhwpzVdmMOBdl5Wm8ErsWAuGOoUK_KCvTg7GW4W5hOvXu-vMYqw==
match
ads.betweendigital.com/ Frame 04D4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=33357bd9-6237-4e17-b255-5916e0ff485f&ssp=between
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=74c70018-5682-478e-81d4-85d34abe637d
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=74c70018-5682-478e-81d4-85d34abe637d
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=74c70018-5682-478e-81d4-85d34abe637d
date
Thu, 18 Mar 2021 16:12:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
host.js
yastatic.net/safeframe-bundles/0.80/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.80/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://www.kufar.by
Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:05 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8120
last-modified
Wed, 13 Jan 2021 14:53:48 GMT
server
nginx/1.17.9
etag
"7fa61ab429a981f415ba1c49d1babdbb"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Mar 2051 22:44:23 GMT
truncated
/ 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
576767
mc.yandex.ru/watch/ 		35 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/576767?wmode=7&page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A3%3Adp%3A0%3Als%3A793590322417%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171206%3Aet%3A1616083926%3Ac%3A1%3Arn%3A746537857%3Au%3A16160839261072265113%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616083920390%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616083926%3At%3A%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 18-Mar-2021 16:12:06 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:06 GMT
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=558642698030285&ev=Microdata&dl=https%3A%2F%2Fwww.kufar.by%2Flistings&rl=&if=false&ts=1616083926186&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%9A%D1%83%D1...
  • https://cx.atdmt.com/?c=14752503481881043837&f=AYxqP_zy9k4wq8BDUxci0yRbKpR-C59beR_0qOjj0TFRgrb_raeYqi6pt5N2WeIo_KoawGFliOXJxiFfGDDLzHoY&id=558642698030285&l=3&v=0
43 B
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cx.atdmt.com/?c=14752503481881043837&f=AYxqP_zy9k4wq8BDUxci0yRbKpR-C59beR_0qOjj0TFRgrb_raeYqi6pt5N2WeIo_KoawGFliOXJxiFfGDDLzHoY&id=558642698030285&l=3&v=0
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8004:face:b00c:0:8c , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
x-fb-debug
26OODKlJmK4otHIbjQg2aXnNgA4qsgp4RVdU8L3NRzdojMJtn0a8DmlndyLFg09QQjKdKQmpCZA5HFx25Zke3g==
content-encoding
br
x-content-type-options
nosniff
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 18 Mar 2021 09:12:06 PDT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/gif
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-fb-rlafr
0
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Thu, 18 Mar 2021 09:12:06 PDT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
server
proxygen-bolt
content-type
text/plain
location
https://cx.atdmt.com/?c=14752503481881043837&f=AYxqP_zy9k4wq8BDUxci0yRbKpR-C59beR_0qOjj0TFRgrb_raeYqi6pt5N2WeIo_KoawGFliOXJxiFfGDDLzHoY&id=558642698030285&l=3&v=0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
expires
0
prebid_v4_21.js
hb.adpone.com/ Frame 486C 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=bf015d70a3a80b28dcfcaab0028c62888&cb=8512311616083925335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pzw7OrbXFlZPca9DyuVOkSITiR0GoWTlwJdMgaKIjfGZexxsZgJhwbOq5k3Z6lelm1uqG4i891gcv00U2I4bdgUTDFe1J%2BiI8cFdTTI03pkw5j6A20EveYsR"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d53300004a74aa834000000001
cf-ray
631fbd9b8cfe4a74-FRA
prebid_v4_21.js
hb.adpone.com/ Frame B264 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/usync?i=ru2f6xrns6cv15e4g0d&a=6b2026d8113c11f7a3bffd30bb4cd5ee3&cb=7599521616083925339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jk78zs%2BWmAAeJrTHR3xtKlPPrDPr0wt6z%2FWD0Ehiz7%2BpUqeqJtd6Mn5rE%2Bp7dn3gE9weDwLIcBWlGN3PzzCT7Odnd0SH3YdzzuJs23iTVrUJIm9OX99jjInG"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d53300004a74caaab000000001
cf-ray
631fbd9b8d034a74-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 7693 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=4ed6eeb336911afb06f562c641e1127f3&cb=5646731616083925362
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pfJyGp3RiN3R6kTFy3SODxvOAM%2BHlBEkP%2FY0zLlrMEo9yBMUXdqb1ylwUVZr2XqHDdivsKpVvMFc9SNExu76mouoJ04XynRUgBQVx3ZMTaQB84zi5jqdRZg%2F"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d53000004a749d167000000001
cf-ray
631fbd9b8d054a74-FRA
1
mc.yandex.ru/watch/576767/ 		43 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/576767/1?page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A1932%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A3%3Adp%3A0%3Als%3A793590322417%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171206%3Aet%3A1616083926%3Ac%3A1%3Arn%3A947664059%3Au%3A16160839261072265113%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616083920390%3Ads%3A12%2C225%2C589%2C275%2C269%2C0%2C%2C1457%2C4%2C%2C%2C%2C2557%3Adsn%3A11%2C226%2C589%2C274%2C268%2C0%2C%2C1186%2C3%2C%2C%2C%2C2557%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616083926
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
last-modified
Thu, 18-Mar-2021 16:12:06 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:06 GMT
576767
mc.yandex.ru/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/576767?page-url=https%3A%2F%2Fwww.kufar.by%2Flistings&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A3%3Adp%3A0%3Als%3A793590322417%3Ahid%3A526106443%3Az%3A60%3Ai%3A20210318171206%3Aet%3A1616083926%3Ac%3A1%3Arn%3A103980482%3Au%3A16160839261072265113%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616083920390%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616083926%3At%3A%D0%9A%D1%83%D1%84%D0%B0%D1%80%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20-%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%7C%20%D0%91%D0%B0%D1%80%D0%B0%D1%85%D0%BE%D0%BB%D0%BA%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
last-modified
Thu, 18-Mar-2021 16:12:06 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.kufar.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:06 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 9F03 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=0985d75b167cb55355af6f666d6421e43&cb=6062091616083925385
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=svC1hu%2FKKOgNsQrr967xPNPNYUeFzMWFFH8U3uDxbTRcIy7d8CGQozP5%2Bzck0ubh3%2BR9zzmQ4AcrWZVesR7K8SdWfwjXwTXr1rCfqJrsu9YMGM4kYshcFlPN"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d56100004a74d81e6000000001
cf-ray
631fbd9bcd884a74-FRA
prebid_v4_21.js
hb.adpone.com/ Frame CBD6 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/count?i=ru2f6xrns6cv15e4g0d&a=7e9062b3199e9fdcd0b17ad4378abf223&cb=2483901616083925374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ry4sMhsRE%2FPSC%2F%2FHf536MerTU64VhBfmfHd%2BqgOBX4eTG0x05LSczHUoLAGWy9NrVxCOTaLvw587gd%2BGD1NgPzBzK6WTBsOXJ0lSvsGLuk4WkLn2qgBjPto%2B"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d56800004a74b2077000000001
cf-ray
631fbd9bddaf4a74-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 263D 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/send?i=ru2f6xrns6cv15e4g0d&a=b571a97c9be7d1867fcf8fa73d68bfca3&cb=4031341616083925392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ggOBVNeJQlipQk3YcXQuwvXepPLG32OVmJbV6nQoES%2FHdYH1e4kUz7keQg%2FEbYzdyoaJrqf9WmDzxWtpjqDK7%2FkWeLieX7qwAQ%2BIGodyPjsoMEKtqrmROta2"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d56900004a74f4a43000000001
cf-ray
631fbd9bddb54a74-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 12B1 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/stat?i=ru2f6xrns6cv15e4g0d&a=739f72dbfc796f625f351130631a79b57&cb=8666291616083925415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Kqw9Zla%2FsOcHs%2BDphTj6XFa81nrPm22LLQ1%2BKm%2BtYSYtlp7PMXv9QNi2dfiDE8n3B33ow9%2F35Q%2FJc29oOwfpY2tflwWKpOidGsxHE3U9kd4%2F%2BJ1t6UsSj3Nq"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d56c00004a74c038d000000001
cf-ray
631fbd9bedbe4a74-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 3937 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/usync?i=ru2f6xrns6cv15e4g0d&a=7a89c712839bf07b617492706c3ce4471&cb=7801551616083925403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f%2F1UAH0xRmRVZtT30tXc1fuxqe8IkZl0W9Utl4NhqvYdjs%2BE2cZxl0%2BVvN4DWyEPw3tRj1kCDHNfRc0lnYfcPuaYTxy7x4kD0oKL2fxt5lYlgHMxHfG6shSD"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d57100004a74e8ac4000000001
cf-ray
631fbd9bedc94a74-FRA
prebid_v4_21.js
hb.adpone.com/ Frame FC91 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/usync?i=ru2f6xrns6cv15e4g0d&a=97e08cdfa385d8be07928af674b97c139&cb=9263891616083925422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U29lt99nRoaCXBsOExLxGmhypWI%2BdtpeenjgWEUULHpFEbFbUp%2BbsD9q9FmOhgtZpmHRxg5UCiUxN1Lv0qkl3ebIZWstAG1PYEW3EVWqTHy6aJAQ8%2FWSCKbl"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d57a00004a7493b5c000000001
cf-ray
631fbd9bfdec4a74-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 80AE 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/send?i=ru2f6xrns6cv15e4g0d&a=fb0672391895c0aae1e7aa0e53cc74483&cb=1999531616083925465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x%2Ftug4gbFPZw0ypoNq5TqmQWd5D0CY995hu6G0cMD41AKi%2FgKUXBCk4iKLHX1MIknhqmq%2FOygNHOFhdZbqUSDQoqaD604SMtqu47%2BBiqkJzSvowR9sbWAsYh"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d58300004a7486237000000001
cf-ray
631fbd9c0e0c4a74-FRA
prebid_v4_21.js
hb.adpone.com/ Frame FBEF 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/syncro?i=ru2f6xrns6cv15e4g0d&a=83064ecd2103e9f1086580d44f903b249&cb=5940071616083925428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uqrjzw7HgCX%2BZzbklwnNCH1Wl2%2F5t8E%2BWdI2gW7ywx3Z2Us6IhcnB154WMGRdySN19jYX%2FU%2BVofJHG4atDvjytnwKiphmgFmYRvF3zdQsb7dUhR%2B4698nQxl"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d58300004a74a79e1000000001
cf-ray
631fbd9c0e104a74-FRA
prebid_v4_21.js
hb.adpone.com/ Frame B5AF 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: hintfly.com
URL: https://hintfly.com/usersync?i=ru2f6xrns6cv15e4g0d&a=4ee4dc933a02730c4861ea207900c3f39&cb=3388011616083925434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6298
content-type
application/javascript
x-amz-request-id
17CD16A89098840A
x-amz-id-2
py4SGF6GJ+UxuR56oCtluJSvPBGseKgzMzRzXHtwuVrsAf+7mgzvL8JdW5hg4YBCR5wJuyvPyPw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=auD55m7fkxl41MpyFaQOUiwbQMy8oWhbwAQP%2FDPTVDgC3L27c1iW2z%2FLqF3%2BPjqMLhtKdaqmsE31h4nb%2BeYxgVcZcNNEmqlxMBa9GxlCYB0KwFmAwO9HkSVo"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
08e7b4d58b00004a74f9990000000001
cf-ray
631fbd9c1e364a74-FRA
render.html
yastatic.net/safeframe-bundles/0.80/1-1-0/ Frame 9033 		22 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

:method
GET
:authority
yastatic.net
:scheme
https
:path
/safeframe-bundles/0.80/1-1-0/render.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

server
nginx/1.17.9
date
Thu, 18 Mar 2021 16:12:06 GMT
content-type
text/html
content-length
6026
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
etag
"f883bd7781c332870c9968db60e89349"
expires
Sat, 18 Mar 2051 22:47:21 GMT
last-modified
Wed, 13 Jan 2021 14:53:48 GMT
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
accept-ranges
bytes
render.html
yastatic.net/safeframe-bundles/0.80/1-1-0/protected/ Frame 3858 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.80/1-1-0/protected/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net data: strm.yandex.ru *.strm.yandex.net *.cdn.ngenix.net; img-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru jstracer.yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

:method
GET
:authority
yastatic.net
:scheme
https
:path
/safeframe-bundles/0.80/1-1-0/protected/render.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

server
nginx/1.17.9
date
Thu, 18 Mar 2021 16:12:06 GMT
content-type
text/html
content-length
6026
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
content-security-policy
default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net data: strm.yandex.ru *.strm.yandex.net *.cdn.ngenix.net; img-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru jstracer.yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;
etag
"f883bd7781c332870c9968db60e89349"
expires
Sat, 18 Mar 2051 22:44:28 GMT
last-modified
Wed, 13 Jan 2021 14:53:48 GMT
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
accept-ranges
bytes
prebid
ib.adnxs.com/ut/v3/ Frame 486C 		138 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b91588ecb719389c385f6c1ce5774b2df433daa1ed1eeccf51d2045c0f8879e8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:06 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid
4c5cc01c-267a-46fe-86aa-131544ac5af2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 486C 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cygnus
htlb.casalemedia.com/ Frame 486C 		24 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225154c2f639180d%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2266e17054bfa265%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3c96803b8018a5d2cce722475b1ba95925d0e7cd90a385924b17e98976252bc3

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
44
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:06 GMT
/
adx.adform.net/adx/ Frame 486C 		5 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPTAyYTk5MmFhLTc3NmQtNDJhOC05NzIyLTdiYTlmOWMzYjE4NQ%3D%3D&pt=gross&stid=33b50258-9ade-4368-bd1c-ea898b3e0d1d&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
translator
hbopenbid.pubmatic.com/ Frame 486C 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 486C 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=37466605904
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
arj
adpone-d.openx.net/w/1.0/ Frame 486C 		173 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=02a992aa-776d-42a8-9722-7ba9f9c3b185&nocache=1616083926706&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926297&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
8da2bc2bb3b83638c010ce786f02a50ac2e4a3175165de893c1ebcee1769957b

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 486C 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=02a992aa-776d-42a8-9722-7ba9f9c3b185&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5858535128677711
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3b72abb0f513bb56e31e899e34d0faadb4d6d9d963b652f5e0289b171a392aee

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame B264 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame B264 		138 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
15f717ec0752eb47a1ebbbcb6b6ed87d60a764d5c268b165f3ca23e7e431ed90
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:06 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.78:80
AN-X-Request-Uuid
19ab1d57-1f1b-4c02-9728-27a2e8f4524d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame B264 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cdb
bidder.criteo.com/ Frame B264 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=83885129933
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ Frame B264 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPWE5MjQ4NjgwLTk4YWItNGE1NS1iMTY0LWU5Y2E3M2VmODJkNA%3D%3D&pt=gross&stid=9c503fde-8046-4150-98d4-1bd2475a3d97&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cygnus
htlb.casalemedia.com/ Frame B264 		25 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211b4fe724829329%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22124ff0f50e52f4a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4439cf8cb95daf6f05f35914c28466537c51ff37698615533327c34a8162435e

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:06 GMT
arj
adpone-d.openx.net/w/1.0/ Frame B264 		172 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=a9248680-98ab-4a55-b164-e9ca73ef82d4&nocache=1616083926764&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926305&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
a0bd61f5cd7a9b015d2918d632d918c6ffe07156a284e94bf8e489561eab3ae2

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B264 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=a9248680-98ab-4a55-b164-e9ca73ef82d4&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.9057759368894818
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6bb127e3d25a6ac98d5309aa1f7cda64464fa44e6b7587674786acbb67706c24

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 7693 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=56723304794
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 7693 		136 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
28ee517b0f6964e96fed8aef415105b9f483918f4b86992e0a312a60164275c4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:06 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.59:80
AN-X-Request-Uuid
b9125320-fe64-43cc-a87b-2b9025bc11e5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
136
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 7693 		173 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=ec995c63-6d84-4296-872e-9bda3dbf1970&nocache=1616083926785&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926312&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
01737a92ec734bfa6deabe096b0a7a0faaa004e092d2e52633c2c97076ca8b2e

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
166
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame 7693 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPWVjOTk1YzYzLTZkODQtNDI5Ni04NzJlLTliZGEzZGJmMTk3MA%3D%3D&pt=gross&stid=2e9d5172-b44d-48a7-b438-c2f7af2b3609&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cygnus
htlb.casalemedia.com/ Frame 7693 		24 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22929ab80f40f978%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210f819f43c6a5bc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dfe46a97562fb1bd3543f44139163c78c09cee333bbc9463982cd19290add22a

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
44
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:06 GMT
v1
prg.smartadserver.com/prebid/ Frame 7693 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7693 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=ec995c63-6d84-4296-872e-9bda3dbf1970&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.3812069862538532
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d59bec55d963981852784e5fe45762ad03a61369074019fd78b202b15d71b1ed

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 7693 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 263D 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=97861196460
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:05 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
arj
adpone-d.openx.net/w/1.0/ Frame 263D 		171 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=593869af-58ef-4b36-a075-4d0d8ac8b9a5&nocache=1616083926809&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926375&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
bf93a99f209ecf4657215954f81f31acf2b956eee06d5dde32592ef68de59c83

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame 263D 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPTU5Mzg2OWFmLTU4ZWYtNGIzNi1hMDc1LTRkMGQ4YWM4YjlhNQ%3D%3D&pt=gross&stid=d03c0886-bfb7-4c19-bcfb-53bf177437a9&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
translator
hbopenbid.pubmatic.com/ Frame 263D 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 263D 		24 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229dbd7f374ef69b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210d68a016b16f18%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
77fefbbd87302cfd9863148fd0383e3ead18a017583447cedca3626f182c80d0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
44
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:06 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 263D 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=593869af-58ef-4b36-a075-4d0d8ac8b9a5&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.37027698933756725
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
57b5b1373848f0716ac2f8dc029457825219289e61d6e51ae6222d293706c5ad

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 263D 		19 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:06 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid
8f842b3d-dca3-4aaa-938d-d63be6981886
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 263D 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ Frame 9F03 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cygnus
htlb.casalemedia.com/ Frame 9F03 		24 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2238add7cc6f79b5%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224e78d29620e7a6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
41905e52d0e529ddf88711ed99139ca3607c7d3282db3f5a53606472c27db9e8

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
44
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:06 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9F03 		19 B
865 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:06 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.79:80
AN-X-Request-Uuid
d7a5abcd-b651-47e8-9d8d-312b6668a8f3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 9F03 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9F03 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=7613eea0-7881-43ed-8753-58215e0fe1bf&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5567082593006993
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a12ec8384e0999479d9acda848b34c2987ddcdb711f2754262943d15129066c4

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
adx.adform.net/adx/ Frame 9F03 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPTc2MTNlZWEwLTc4ODEtNDNlZC04NzUzLTU4MjE1ZTBmZTFiZg%3D%3D&pt=gross&stid=2b560792-d812-4b44-9013-c3c79c75616e&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame 9F03 		174 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=7613eea0-7881-43ed-8753-58215e0fe1bf&nocache=1616083926871&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926366&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
e604aa5a8622e629d113077a383e94befc9598ca36a06c979b325fa6c898bb55

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 9F03 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=40237981679
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ Frame 12B1 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPWYwZDVkNWE3LTAxOWEtNGEwNy04OWNhLTQ0ZWQ4ZGMzNTg5MQ%3D%3D&pt=gross&stid=9053e065-7e62-4c69-934b-7edd73017f25&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cygnus
htlb.casalemedia.com/ Frame 12B1 		24 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223793d15dc8ccc9%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224384a6c1d69ff%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ddf4d2b59fcf47fdbcd142da9bbd9758e6a4de1e4cef11c73c2f72a49f4f13a1

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
44
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:06 GMT
v1
prg.smartadserver.com/prebid/ Frame 12B1 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:05 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
translator
hbopenbid.pubmatic.com/ Frame 12B1 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
adpone-d.openx.net/w/1.0/ Frame 12B1 		173 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=f0d5d5a7-019a-4a07-89ca-44ed8dc35891&nocache=1616083926912&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926378&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
2a2a9f8a7525249c2096c6e6b98cd4e92b578f30b462d74f7e827ce0fcb2afd4

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
166
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 12B1 		139 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
98807a085b505a9dcd8206da7dd89ee34194f77e2edb36bffd36cef8a0d0e61f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:06 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.185:80
AN-X-Request-Uuid
a533be82-1c0f-44c8-946d-a7a6383b709d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 12B1 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=f0d5d5a7-019a-4a07-89ca-44ed8dc35891&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.09363201542250632
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b0f5f99e38a88549ed8e642069516a87f998ef2c915ddd1d6ff1e311c9489aca

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 12B1 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=14104149006
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 3937 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
adpone-d.openx.net/w/1.0/ Frame 3937 		173 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=9b2aa5b9-9c68-4161-b848-a173f71eb481&nocache=1616083926970&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926382&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
a4ff8c2ffa72d02ee8c03a761bd316348e63375e0f64c3a5f0e87d5d691ba4b0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 3937 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cygnus
htlb.casalemedia.com/ Frame 3937 		24 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2276077d6c538c7f%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228b17f543f486ac%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7e5eb7a2b36f11c1d21d1c56860aad447b0d815a8a18b3cd171ee3c1e2f407d

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
44
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:07 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 3937 		19 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.149:80
AN-X-Request-Uuid
960fe78f-7e8d-4982-85ff-9c0bb9a5ca5c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3937 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=9b2aa5b9-9c68-4161-b848-a173f71eb481&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.40176727930375455
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
51e5b3cab35133e7fcf265eef6e4b6e481af760798a7a5e6bdfc61ab82e35b61

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
adx.adform.net/adx/ Frame 3937 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPTliMmFhNWI5LTljNjgtNDE2MS1iODQ4LWExNzNmNzFlYjQ4MQ%3D%3D&pt=gross&stid=650b7d78-3eba-4d85-8a67-241de8789f12&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ Frame 3937 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=74354950204
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame CBD6 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame CBD6 		23 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22394f37de9761b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2243dab6fd91ab79%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9ba82f235513f8f469c232e82195fe2c794eebb0e0094caefa99649e5aff87e9

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
43
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:07 GMT
cdb
bidder.criteo.com/ Frame CBD6 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=74332436848
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame CBD6 		19 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid
59a59007-1c51-4a43-9fa4-7fd2b7274342
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame CBD6 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
/
adx.adform.net/adx/ Frame CBD6 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPTA5MmEzNjMxLTFmZTgtNDhhZi1iZjZlLWY3YWVhOTdkOGIzYg%3D%3D&pt=gross&stid=5297f71d-f0ae-43be-8ae3-426a68dafd5f&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CBD6 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=092a3631-1fe8-48af-bf6e-f7aea97d8b3b&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8295600135842505
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
09011d06fa57ef53ff2b01ea6f545c28decd9c45fe825491734d06777bbc0861

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adpone-d.openx.net/w/1.0/ Frame CBD6 		173 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=092a3631-1fe8-48af-bf6e-f7aea97d8b3b&nocache=1616083927010&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926371&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
58aeaff1ec04043714d4ee003ce250cb00edf893e08b9d0c1b432030998fb989

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
214DC66E09B24586
an.yandex.ru/setud/adsniper/ Frame 04D4
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=ae7cc068-8804-11eb-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=ae7cc068-8804-11eb-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=0vXPUalO%2FwOY61ya%2F%2BtF2g&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=0vXPUalO/wOY61ya/+tF2g&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=0vXPUalO/wOY61ya/+tF2g&extra2=aidata&google_gid=CAESEJcfSudwrAnTsYt3WGh_BJo&google_cver=1
  • https://sync.bumlam.com/?src=ggl&extra1=0vXPUalO/wOY61ya/+tF2g&extra2=aidata&google_gid=CAESEJcfSudwrAnTsYt3WGh_BJo&google_cver=1
  • https://sync3.adsniper.ru/?src=ggl&s_data=CAEQABjY982CBlIFvaHczgZaIAoGZXh0cmExEhYwdlhQVWFsTy93T1k2MXlhLyB0RjJnWhAKBmV4dHJhMhIGYWlkYXRhYhtDQUVTRUpjZlN1ZHdyQW5Uc1l0M1dHaF9CSm9qATGIAQE*
  • https://sync3.adsniper.ru/?src=ggl&s_data=CAIQARjY982CBlIFvaHczgZaIAoGZXh0cmExEhYwdlhQVWFsTy93T1k2MXlhLyB0RjJnWhAKBmV4dHJhMhIGYWlkYXRhYhtDQUVTRUpjZlN1ZHdyQW5Uc1l0M1dHaF9CSm9qATGIAQGiARCwauViiAQR64b...
  • https://sync.bumlam.com/?src=ggl&s_data=CAIQABjY982CBlogCgZleHRyYTESFjB2WFBVYWxPL3dPWTYxeWEvIHRGMmdaEAoGZXh0cmEyEgZhaWRhdGFiG0NBRVNFSmNmU3Vkd3JBblRzWXQzV0doX0JKb2oBMYgBAaIBELBq5WKIBBHrhuAAJZDAZHw*
  • https://sync.bumlam.com/?src=ggl&s_data=CAIQARjY982CBlogCgZleHRyYTESFjB2WFBVYWxPL3dPWTYxeWEvIHRGMmdaEAoGZXh0cmEyEgZhaWRhdGFiG0NBRVNFSmNmU3Vkd3JBblRzWXQzV0doX0JKb2oBMYgBAaIBELBq5WKIBBHrhuAAJZDAZHw*
  • https://an.yandex.ru/setud/adsniper/214DC66E09B24586?sign=2844709219
43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/adsniper/214DC66E09B24586?sign=2844709219
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:09 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:09 GMT

Redirect headers

Date
Thu, 18 Mar 2021 16:12:08 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://an.yandex.ru/setud/adsniper/214DC66E09B24586?sign=2844709219
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
/
adx.adform.net/adx/ Frame B5AF 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPTJhOWJlMTY2LThhZGUtNGZhOC1iOTM4LTczM2IxMDI0ZGZkYw%3D%3D&pt=gross&stid=ea556dca-0e1d-4c6e-bca6-1a3f44b8a08b&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame B5AF 		173 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=2a9be166-8ade-4fa8-b938-733b1024dfdc&nocache=1616083927070&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926405&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
1ccdcb31944456b3bbff5c2d8efa51bd6bd7c526885dd3ed6dbde29710b1e6bf

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame B5AF 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B5AF 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=2a9be166-8ade-4fa8-b938-733b1024dfdc&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.6495853243674614
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
954c9c9b54babd1499bf352b1ab367bcb646da3ec4fbecc1c5e29866187c29af

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame B5AF 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cdb
bidder.criteo.com/ Frame B5AF 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=35054772671
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:07 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
cygnus
htlb.casalemedia.com/ Frame B5AF 		25 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213e78799a3edddd%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214578bbf8b9a037%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a394746884bad32545734f0741ac77493d981671f8072d0748a7c52a13dc9c80

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
43
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:07 GMT
prebid
ib.adnxs.com/ut/v3/ Frame B5AF 		139 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f67727bf0bf377b25e922a2d44781b42b0056dad3d891d0378676474801a57ff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.72:80
AN-X-Request-Uuid
e929c92f-24e3-442d-9aed-387e9dadcbe1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 80AE 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=900214cc-0354-4f32-acf0-9027ae2b68c9&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.29986564040335195
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6c140d899a49d0a3cff9d5e0cba5a49f34819c303af16d11f6111a388caa60b8

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
adx.adform.net/adx/ Frame 80AE 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPTkwMDIxNGNjLTAzNTQtNGYzMi1hY2YwLTkwMjdhZTJiNjhjOQ%3D%3D&pt=gross&stid=13da2a57-12e8-4cf4-8e27-cca8f863550d&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cygnus
htlb.casalemedia.com/ Frame 80AE 		24 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2253fa45e084f7df%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226ef083eefe10c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cfc64af2353feef700b8dce92450c0b8110beee1677f480058480e508305be35

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
44
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:07 GMT
cdb
bidder.criteo.com/ Frame 80AE 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=59773257558
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
arj
adpone-d.openx.net/w/1.0/ Frame 80AE 		173 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=900214cc-0354-4f32-acf0-9027ae2b68c9&nocache=1616083927106&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926395&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
040f8762c75fef35ca7cf3685b5e80e36a61e94f96f08364da43f6ad7c60e922

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 80AE 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
prebid
ib.adnxs.com/ut/v3/ Frame 80AE 		139 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
55544946b29c8581fd2412472ed266fdde1bde7ea675a6491f59abcf0f90a1ed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid
3bca21e6-dd0b-4e67-9b82-349bd064ba65
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 80AE 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame FC91 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=16245740143
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame FC91 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame FC91 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=80bcadd3-911b-488c-9045-f220208e254e&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.4237569266686858
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7078ae8fd1ba5ac221881d89cba10d5b9ee2e955d0155d75c8addfb54290357a

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adpone-d.openx.net/w/1.0/ Frame FC91 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=80bcadd3-911b-488c-9045-f220208e254e&nocache=1616083927145&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926391&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
7e4235765220505fc3fd859e3c855b05072ee15ebda411a242269d280fa2e7d2

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
2544
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame FC91 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPTgwYmNhZGQzLTkxMWItNDg4Yy05MDQ1LWYyMjAyMDhlMjU0ZQ%3D%3D&pt=gross&stid=ae4164e7-6c83-4166-9be7-24f9b43f104f&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame FC91 		139 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
05aac971ff8638bce1fdff4d97841ad8b375ab8e88f836816952b356ffd81968
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.139:80
AN-X-Request-Uuid
54efd2c0-33a5-423c-95d0-04a24c25d1e7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame FC91 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cygnus
htlb.casalemedia.com/ Frame FC91 		25 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215a7d24619bdb0d%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216fb52993a72c74%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e7489ba36bf2a7b68acddec80e6ab44569709145ebb75a216f1e23cbccd36411

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:07 GMT
translator
hbopenbid.pubmatic.com/ Frame FBEF 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame FBEF 		138 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f07339dd7ddb5fb149784bd244cbed373006c107151d2ac9c82d2d4c98f0b27c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid
b0363cf0-7bb2-4011-b3a7-36944ae6ba49
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame FBEF 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=66220862851
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hintfly.com
date
Thu, 18 Mar 2021 16:12:07 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/ Frame FBEF 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:06 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://hintfly.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
arj
adpone-d.openx.net/w/1.0/ Frame FBEF 		172 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kufar.by%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=099b20ec-a7cd-42a6-a279-1b61f02de65c&nocache=1616083927244&schain=1.0%2C1!adpone.com%2Cb0aa9cc141c903606249%2C1%2C%2C%2C&aus=300x600&divIds=adpn-adtag-1616083926400&auid=542178084
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
b852379998b46c513e01373bac76274a3f1ae3f17d142123fa2b8e8cfe4342b3

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hintfly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame FBEF 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1826378&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,b0aa9cc141c903606249,1,,,&rf=kufar.by&tk_flint=pbjs_lite_v4.21.0&x_source.tid=099b20ec-a7cd-42a6-a279-1b61f02de65c&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.6680615135542145
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
11cf169246e658b2e95f11201472f93249ca4b695349ad14cb1abe13f23d1712

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://hintfly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame FBEF 		25 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=571830&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213eeeb50405cf18%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.kufar.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22b0aa9cc141c903606249%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214d033832c847be%22%2C%22ext%22%3A%7B%22siteID%22%3A%22571830%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
044f672e603847731a755f9dc9919172bbef0b7db01132270383cffe1eefa8b6

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://hintfly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Thu, 18 Mar 2021 16:12:07 GMT
/
adx.adform.net/adx/ Frame FBEF 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2ODgwNCZ0cmFuc2FjdGlvbklkPTA5OWIyMGVjLWE3Y2QtNDJhNi1hMjc5LTFiNjFmMDJkZTY1Yw%3D%3D&pt=gross&stid=1577f4fb-cbf4-4c27-98c1-be0403e7007e&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hintfly.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame 60EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_b16AkbpCsTFgUgq9FZAzDi6ElxFkaqm_-pXVPkJx9ah-BUZFOz9ZliVzfoYe1hU9L1eoo8m1wl0eBxoZCtX3FT1UDMqGFumxevRhTeXrilyuzIweUMOKnAUpvFbR6bFVXweYyfLtwKLNB0Vsbo900vXvoKI8lw2WccEXr0pYr0IrbcnE-jZMxYTq8GCiXrflKS4_oKa03a3sFkPQN-v9MSGupEhT2aqzkbmf2ydYBA01-WSL1ODzdTJx6XmOWFfrTQ13HDOmMfemjiiSkh6jOMJ-aUB6cRE8FosaIFpBtiBNbPaQ1RKvqwAnjr7fEQ&sig=Cg0ArKJSzFSKa9_nKLePEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 16:12:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 18 Mar 2021 16:12:07 GMT
getuidj
secure.adnxs.com/ 		29 B
877 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: content.kufar.by
URL: https://content.kufar.by/static/kufar-fe-listings/_next/static/YzKO67f5HLVKFXhBOlRdv/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c6e09009071c1c3bcaa29d3985675f08abee6fcd381e509fa1a402c29b8591e0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:07 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid
771443be-2372-43f8-a72c-fc03d52816f1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kufar.by
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
29
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AAABeEYbwNZ-yDGMFHFj0zZI1iR3uLfzyxFeWQ
pr.ybp.yahoo.com/ab/secure/true/imp/73P9MpCeQUsdEQxqEZPLOCcax6LRqlTzLmF6IF1LnfaU1JIIJaGzggrIWKTO1crQ5Azv-KW9nXxfPaAs7Wh9OPqJ5YFHUXozLzzSx1bhXv6VeRjNXIyzSw1q6VO6Z8eqrfmTKtU3Wz-7tAaPsNdqu_14TnG3C2Ih2... Frame 5292 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pr.ybp.yahoo.com/ab/secure/true/imp/73P9MpCeQUsdEQxqEZPLOCcax6LRqlTzLmF6IF1LnfaU1JIIJaGzggrIWKTO1crQ5Azv-KW9nXxfPaAs7Wh9OPqJ5YFHUXozLzzSx1bhXv6VeRjNXIyzSw1q6VO6Z8eqrfmTKtU3Wz-7tAaPsNdqu_14TnG3C2Ih2mm28X8O8KSoQ97KS67fVXX2GO-VsyFnkAO_1uuWgb2_b27IbcVJKPdNevSvwBk3JNAIcdVtqfB8zKgIZ2_ApZHDhPjzhyG96JRT3GoHpyap2IX9d236yUlL8a4RxiU_VKVZEOp12K6ewnaD5HI9vwbxE8Lzx13zCL7hprW42qykRAd9X0xTR2OR89nx_wVxr6c7TiurTZC-fPgbgCQKSvYRRI08619NTMCOWE1Jzt1F1n56UpjXIffrvwzmqfFxHt95uQljy6ma2f96IVUSHuPfmIMsu2gxi0Jf9LSvokkXNg1mJd5SbmXBYKToegy5dhS5AQvaRuPLRxFi1ZFiN-lHh3-7MCdaUjsoQlWhq2m2HRCUC8F70jKuCz2tLj4la9FNxGfXE6hqHr-iMXOBSEtpln0uVMihIqaPnRFmFs9dZ4yFoVugy-vwYxfpunjGxWilhkRBSaPTJEjXwQFOhV04ugiuaEAdkeop3DRYJhaiCPU8sxv9Pd62YI9yNEH3RdbuJsJfthn_1ZeoYWYwRlLsmPoIX9-KdUxllJOZtEu5d_RXTXmcPn3PRxriCAhMwTdxw3vaMRiQlEKoF2A4MikPTEK6672QK9k5pi-aoJIOwygMp1IwdngMFiySYkTIqYIHo84dZQwe6WGM6DEnC0iT60F49EW3qm8kg9GL9gSUVOdZQ8o-V0lUb5KKne1x1gaUvxNPXeXJExndOTfB6G80DweJYFyCWtDCdgM7D01z76ZIBX0JTqDtfaMQGuGyd9dnW50pyc_sMp_3Ts0obywUl_mfON41-l-e-1VaJK8P9_J-JDeAxmyO8SlVZzPEGAfDNQ1i2pk8uThlVm9bTiEXaS5F_QYR8EFeh89YpyytlXlSxPjcP6dxAD6xPB2DKTSrOQMGvsbGtj5GtxU0XKjYRFCsFW7TrbwkwZlG12R6lXXMDCylcf4VcMbA-2DH1FOjaPeBoayIM_XI1qWGg9MM7J2yp8ythaP3XgEPs4GFFTzEcWmqbxXdzZlnH2dT-PAmrK_zn0Vdc0nUSzaghs2XbwQafHTKvkXr3LyPZ45rRsYR_TrUi2Hw47siW3EupDMTuaw7sHWYPDaP3tbHtylI4qXPpC-KvahaTCzAEYeEXFAQ9tP0nTyU3_-8Tk4z74X38Y8PCUE3eZY-8K00bwpcltqvipquwBojo1-Z-rGhONoQXB8VHYmBj6yr63iOul5uq4LFWiuBasizqObtyg0fOAJ64_K1dagHvNLEXodeuWSZs3zP4Lfb1uAeTYvawe2P4RZu5RZebnI2xDtNZL5s40N38kvN/wp/AAABeEYbwNZ-yDGMFHFj0zZI1iR3uLfzyxFeWQ
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
903eb5f3bd8ec74a78cac9b20a6cc5ec414b748f29a50c931fb1b04b68938097
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
text/javascript
x-xss-protection
1; mode=block
expiry
Thu, 01 Jan 1970 00:00:00 GMT
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
content-length
3024
x-content-type-options
nosniff
ri
ox-delivery-prod-europe-west1.openx.net/w/1.0/ Frame 5292 		43 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-delivery-prod-europe-west1.openx.net/w/1.0/ri?ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&ts=2DAABBgABAAECAAIBAAsAAgAAAjwcGApVOGJmQll2MTlpHBb33o2J1IPCqzMW9dGBt-KhoNPfAQAcFrv0pZGE6KHgpwEWq9nk9KLble6UAQAWru-bhQwVBDgkYTEwNzIyYjYtMWNlMS0wOWU4LTFlYzctYWFhMDc5ZmM5MDI3ACwcFQQAHBUCABwVCAB8HBUEABwVAgAYDDEuMTkyMjA2MzA4OQAcHBUIABwVAgAYDDEuMzkxMDY4MjI5MQAAHCbI7IeFBBUEFQQmuOyHhQQW3tTHgwTW6gEWygEWmAIWFBYSFhQWEhbsAgAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABaq2piABBb8wZuABBbKwraDBBaWwraDBBUYHBSwCRTYBAAVBCa0Axa0AxbsAhE1Dia0AwAsLBa34J3Cuvu-pOkBFquFmvyFoLzWyQEAFq7vm4UMBiiq2piABBb8wZuABBaWwraDBBbKwraDBBgHMzIxMzUyNRawvwQW7AIlBBacARgEMTc4OBUClsLKjAIRKAVPWC1HQgx6FLQJFNoEABYCGANydGKBANwbBIgKYmlkX3NvdXJjZQVTU1JUQghiaWRfdXVpZCQwZGZmNWRkNC0yOGNkLTQ3MjMtODczYy1jNDYzNWIwMWQ4NjgYZGVsaXZlcnlfbWVkaXVtX2NhdGVnb3J5A1dFQiFyZXRyaWV2ZWRfZnJvbV9zc3J0Yl9lcG9jaF9taWxsaXMNMTYxNjA4MzkyNzI1MwCsOA9ob2VyZW4taGV1dGUuY2gAAAA
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:07 GMT
via
1.1 google
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
31613e3d-3dec-446e-a63b-41d559cf0fff.js
storage.mds.yandex.net/get-bstor/3913304/ Frame 3858 		186 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.mds.yandex.net/get-bstor/3913304/31613e3d-3dec-446e-a63b-41d559cf0fff.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/protected/render.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::158 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:08 GMT
last-modified
Tue, 16 Mar 2021 14:33:27 GMT
server
nginx
etag
"1fc11d01ac14e2e9bb6241bb5d8b5fbb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-data-size
190630
x-mds-request-id
158616479ab7d348
x-robots-tag
noindex, noarchive, nofollow
content-length
190630
300x300.js
storage.mds.yandex.net/get-canvas-html5/895207/ad42ab33-edfb-4188-870e-409cf3e6bdd8/ Frame 3858 		153 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.mds.yandex.net/get-canvas-html5/895207/ad42ab33-edfb-4188-870e-409cf3e6bdd8/300x300.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/protected/render.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::158 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
156dc65ba599ca555b23d044f43476893cf7d88cc732f5bfec5799dab61c89da

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:08 GMT
content-encoding
br
last-modified
Tue, 16 Mar 2021 14:34:01 GMT
server
nginx
etag
W/"ce195100f640ece0ad54d3d4d4e56f1f"
x-cache-status
hit
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
text/plain
access-control-allow-origin
*
x-data-size
156460
x-mds-request-id
b82e336480997b82
x-robots-tag
noindex, noarchive, nofollow
identify
cis.mpianalytics.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cis.mpianalytics.com/api/v1/identify
Protocol
HTTP/1.1
Server
34.241.141.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-141-160.eu-west-1.compute.amazonaws.com
Software
Finatra /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.kufar.by
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type,content-length
Access-Control-Allow-Methods
POST, OPTIONS
Access-Control-Allow-Origin
https://www.kufar.by
Access-Control-Max-Age
86400
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
content-encoding
gzip
Content-Type
application/json; charset=utf-8
Date
Thu, 18 Mar 2021 16:12:08 GMT
Server
Finatra
Content-Length
28
Connection
keep-alive
identify
cis.mpianalytics.com/api/v1/ 		896 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cis.mpianalytics.com/api/v1/identify
Requested by
Host: content.kufar.by
URL: https://content.kufar.by/static/kufar-fe-listings/_next/static/YzKO67f5HLVKFXhBOlRdv/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.141.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-141-160.eu-west-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
d97cfad68bfab0e14e7eb0d5450121b30a8afae81601eb7c8f36ac374089e07e

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 18 Mar 2021 16:12:07 GMT
content-encoding
gzip
Server
Finatra
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.kufar.by
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials
true
Connection
keep-alive
access-control-allow-headers
X-Requested-With,content-type,content-length
Content-Length
674
inside.js
s.yimg.com/rq/iv/ Frame 5292 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/rq/iv/inside.js
Requested by
Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/73P9MpCeQUsdEQxqEZPLOCcax6LRqlTzLmF6IF1LnfaU1JIIJaGzggrIWKTO1crQ5Azv-KW9nXxfPaAs7Wh9OPqJ5YFHUXozLzzSx1bhXv6VeRjNXIyzSw1q6VO6Z8eqrfmTKtU3Wz-7tAaPsNdqu_14TnG3C2Ih2mm28X8O8KSoQ97KS67fVXX2GO-VsyFnkAO_1uuWgb2_b27IbcVJKPdNevSvwBk3JNAIcdVtqfB8zKgIZ2_ApZHDhPjzhyG96JRT3GoHpyap2IX9d236yUlL8a4RxiU_VKVZEOp12K6ewnaD5HI9vwbxE8Lzx13zCL7hprW42qykRAd9X0xTR2OR89nx_wVxr6c7TiurTZC-fPgbgCQKSvYRRI08619NTMCOWE1Jzt1F1n56UpjXIffrvwzmqfFxHt95uQljy6ma2f96IVUSHuPfmIMsu2gxi0Jf9LSvokkXNg1mJd5SbmXBYKToegy5dhS5AQvaRuPLRxFi1ZFiN-lHh3-7MCdaUjsoQlWhq2m2HRCUC8F70jKuCz2tLj4la9FNxGfXE6hqHr-iMXOBSEtpln0uVMihIqaPnRFmFs9dZ4yFoVugy-vwYxfpunjGxWilhkRBSaPTJEjXwQFOhV04ugiuaEAdkeop3DRYJhaiCPU8sxv9Pd62YI9yNEH3RdbuJsJfthn_1ZeoYWYwRlLsmPoIX9-KdUxllJOZtEu5d_RXTXmcPn3PRxriCAhMwTdxw3vaMRiQlEKoF2A4MikPTEK6672QK9k5pi-aoJIOwygMp1IwdngMFiySYkTIqYIHo84dZQwe6WGM6DEnC0iT60F49EW3qm8kg9GL9gSUVOdZQ8o-V0lUb5KKne1x1gaUvxNPXeXJExndOTfB6G80DweJYFyCWtDCdgM7D01z76ZIBX0JTqDtfaMQGuGyd9dnW50pyc_sMp_3Ts0obywUl_mfON41-l-e-1VaJK8P9_J-JDeAxmyO8SlVZzPEGAfDNQ1i2pk8uThlVm9bTiEXaS5F_QYR8EFeh89YpyytlXlSxPjcP6dxAD6xPB2DKTSrOQMGvsbGtj5GtxU0XKjYRFCsFW7TrbwkwZlG12R6lXXMDCylcf4VcMbA-2DH1FOjaPeBoayIM_XI1qWGg9MM7J2yp8ythaP3XgEPs4GFFTzEcWmqbxXdzZlnH2dT-PAmrK_zn0Vdc0nUSzaghs2XbwQafHTKvkXr3LyPZ45rRsYR_TrUi2Hw47siW3EupDMTuaw7sHWYPDaP3tbHtylI4qXPpC-KvahaTCzAEYeEXFAQ9tP0nTyU3_-8Tk4z74X38Y8PCUE3eZY-8K00bwpcltqvipquwBojo1-Z-rGhONoQXB8VHYmBj6yr63iOul5uq4LFWiuBasizqObtyg0fOAJ64_K1dagHvNLEXodeuWSZs3zP4Lfb1uAeTYvawe2P4RZu5RZebnI2xDtNZL5s40N38kvN/wp/AAABeEYbwNZ-yDGMFHFj0zZI1iR3uLfzyxFeWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1fa16c1f74876eaeaf66d6f29d57c641c619fcf69ac55187039f4f82ff9a701f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 18 Mar 2021 15:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3035
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
14524
x-amz-id-2
yr/wrH2vzqInQuH5kysw5NBVpCBiJvV3lkRBUG2vrax9oa5x0iABCLH6xfIwN0tGfuPDV/E+8dk=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Mar 2021 20:30:45 GMT
server
ATS
etag
"88b82e15c9ac0270fa9e031df01dd8dc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
VHMSRTNFQ1HBXHVD
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
6367ac98-16dd-4749-908e-d282d19fb82f.jpeg
s.yimg.com/ch/ Frame 5292 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/6367ac98-16dd-4749-908e-d282d19fb82f.jpeg
Requested by
Host: hintfly.com
URL: https://hintfly.com/usync?i=ru2f6xrns6cv15e4g0d&a=97e08cdfa385d8be07928af674b97c139&cb=9263891616083925422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
2cb62b56f413636787e35aad82eb911ab4a44cfbf7091fd4e17ed7d83b58cb9a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 11 Mar 2021 13:56:49 GMT
x-content-type-options
nosniff
age
612920
x-amz-server-side-encryption
AES256
vary
Origin
content-length
89700
x-amz-id-2
7t7A7g/rbt+yxOGU9zXGlyNO+fKQPliYg3eaToCxdK77ZYYpoSddTIxb+Jm+md8SoXJAzkpMXmQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Mar 2021 19:45:49 GMT
server
ATS
etag
"8570678d0fb54e7ccd5a11a7b8df8bc5"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
S1YW8FXGATY5MCNV
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/jpeg
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 5292 		565 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: hintfly.com
URL: https://hintfly.com/usync?i=ru2f6xrns6cv15e4g0d&a=97e08cdfa385d8be07928af674b97c139&cb=9263891616083925422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 08 Mar 2021 08:07:40 GMT
x-content-type-options
nosniff
age
893069
x-amz-server-side-encryption
AES256
vary
Origin
content-length
565
x-amz-id-2
gX7Xi4MCjp28a4JC33xETQztlT9ezr6475HpRV7DiTG0YBLp9B4+9IIhOsCBuz/PuFVPVMOcXLo=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
5957WS4HW8QTB2J8
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame 9033 		105 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Request headers

Referer
https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:08 GMT
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1213
timing-allow-origin
*
content-length
107764
expires
Thu, 18 Mar 2021 16:27:11 GMT
WDuejI_z8Fgj1W2K2m00001xz6fO1G3w037LUrDW000003Z-iqQ00VEpy0A80OAkiGgG0VgYlOhEW8200fW1-gAzYawm0TJTYge8k062iFJ98TW1t8YYc07W1NQW1k82g0RY0ia6rJypANqmA42f1-bTm2p0vI0Iq0S4W0Y82mQg2n0OK4bRwLq0047KKjpHlGK0y...
an.yandex.ru/tracking/ Frame 9033 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/tracking/WDuejI_z8Fgj1W2K2m00001xz6fO1G3w037LUrDW000003Z-iqQ00VEpy0A80OAkiGgG0VgYlOhEW8200fW1-gAzYawm0TJTYge8k062iFJ98TW1t8YYc07W1NQW1k82g0RY0ia6rJypANqmA42f1-bTm2p0vI0Iq0S4W0Y82mQg2n0OK4bRwLq0047KKjpHlGK0y0i6o12GHA4Hy3_04_y1W1GWs1Im-Bo21k0K0TWLmOhsxAEFlFnZWHS0y3_G627u680P200k1Uyi0xWEHxGKCOfJv67my8SKznOlD0C0~1?action-id=11
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:08 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:08 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:08 GMT
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 9033 		95 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::5:114 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:08 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-RT-IH
0.0001
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0001
Content-Length
95
Expires
Fri, 19 Mar 2021 16:12:08 GMT
watch.js
mc.yandex.ru/metrika/ Frame 9033 		123 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a928bd7174193ecef74cc60693796118826e53e5be214daf6d25f17f68b93446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:08 GMT
content-encoding
br
last-modified
Tue, 09 Mar 2021 18:36:29 GMT
etag
"6051cea4-aadb"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
43739
expires
Thu, 18 Mar 2021 17:12:08 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame 9033 		403 B
976 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.kufar.by%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ef425c4ec4d7f0dcdd5aee321a894a381da5517d562264865a9adeb24f994e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:08 GMT
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
content-length
403
x-xss-protection
1; mode=block
300x300_atlas_NP_.jpg
storage.mds.yandex.net/get-canvas-html5/895207/ad42ab33-edfb-4188-870e-409cf3e6bdd8/ Frame 3858 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.mds.yandex.net/get-canvas-html5/895207/ad42ab33-edfb-4188-870e-409cf3e6bdd8/300x300_atlas_NP_.jpg
Requested by
Host: www.kufar.by
URL: https://www.kufar.by/listings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::158 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
1b7c5f25db53d1840510f2ee9b4f09b70cabb1f7981e8c7059d19ad90f463a3f

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:08 GMT
last-modified
Tue, 16 Mar 2021 14:34:01 GMT
server
nginx
etag
"715b6d8957bff02a87e2f275e6970edd"
x-cache-status
hit
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/jpeg
access-control-allow-origin
*
x-data-size
113473
x-mds-request-id
161f5201578f2587
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
content-length
113473
tracker
top-fwz1.mail.ru/ 		43 B
956 B 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3142063;u=https%3A//www.kufar.by/listings;st=1616083922947;pid=USER_ID;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=3962e95c2a6017f7;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1616083920390/////269/270/282/282/507/302/507/1096/1371/1100/2557/2557/2561/8026/8026/;ni=9.3//4g/0/0/;lvid=1616083922958%3A1616083928425%3A2%3A6b6a30c1ad7637cc0741a4da0632704e;opts=dl;_=0.5476362297953814;e=RT/load;et=1616083928419
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 18 Mar 2021 16:12:08 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Access-Control-Allow-Headers
*
AMP-Access-Control-Allow-Source-Origin
https://www.kufar.by
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.kufar.by
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-Control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
https://www.kufar.by
Keep-Alive
timeout=60
syncframe
gum.criteo.com/ Frame A246 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1396
date
Thu, 18 Mar 2021 16:12:08 GMT
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5618770b3472a57a2d44b44c313eff72315b99e5404fb7249a72a7c0b66a23ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 16:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6532
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Thu, 18 Mar 2021 16:12:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame F7D6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kufar.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kufar.by/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Thu, 18 Mar 2021 13:19:02 GMT
expires
Fri, 18 Mar 2022 13:19:02 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10386
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
conversion_async.js
www.googleadservices.com/pagead/ Frame 9033 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
c26088b9602714872c8ffc6e9fc78e28752439c53fbab8b9c9dc8ce71b7d9e42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13203
x-xss-protection
0
server
cafe
etag
8044566483108991478
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 16:12:08 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame 9033
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=2HtTYK-HLtDw7gO88KbICw...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=996589166&crd=&is_vtc=1&random=2608701098
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=996589166&crd=&is_vtc=1&random=2608701098&ipr=y
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=996589166&crd=&is_vtc=1&random=2608701098&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=996589166&crd=&is_vtc=1&random=2608701098&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame 9033
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=2HtTYOWILtXvgAeo3KSQAg...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=49581358&crd=&is_vtc=1&random=3034296171
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=49581358&crd=&is_vtc=1&random=3034296171&ipr=y
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=49581358&crd=&is_vtc=1&random=3034296171&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=49581358&crd=&is_vtc=1&random=3034296171&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/3/ Frame 9033
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kufar.by%2F&charset=utf-8&browser-info=pv%3A1%3A...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kufar.by%2F&charset=utf-8&browser-info=pv%3A1%...
35 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kufar.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A75904365765%3Ahid%3A472620097%3Az%3A60%3Ai%3A20210318171208%3Aet%3A1616083929%3Ac%3A1%3Arn%3A324247833%3Au%3A16160839291037149413%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1616083926569%3Ads%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C852%2C1%2C1565%2C1565%2C0%2C1564%3Adsn%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C1519%2C0%2C1565%2C1565%2C0%2C1565%3Ati%3A2%3Ast%3A1616083929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 18-Mar-2021 16:12:08 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:08 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:08 GMT
last-modified
Thu, 18-Mar-2021 16:12:08 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kufar.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A1%3Adp%3A0%3Als%3A75904365765%3Ahid%3A472620097%3Az%3A60%3Ai%3A20210318171208%3Aet%3A1616083929%3Ac%3A1%3Arn%3A324247833%3Au%3A16160839291037149413%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1616083926569%3Ads%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C852%2C1%2C1565%2C1565%2C0%2C1564%3Adsn%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C1519%2C0%2C1565%2C1565%2C0%2C1565%3Ati%3A2%3Ast%3A1616083929
strict-transport-security
max-age=31536000
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:08 GMT
1Ou5ZCLi0Q8100000000U9nJl6flh5bheE5W-3BsH-_Ufmf2bbUhWnCOWC0J9X8wQoElHkp_CnmCgOn0ySoNiG9z8F5I4Azs8v1ePGJfc0haAp3CP5nXn0062ncNIK1OAndlS49O6q5w3cm14diPUnzpC1m5ornb10dVPMIGOM3uopYBYO5XBXD8P2cJ3f1Q2oRFC...
an.yandex.ru/rtbcount/ 		43 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/rtbcount/1Ou5ZCLi0Q8100000000U9nJl6flh5bheE5W-3BsH-_Ufmf2bbUhWnCOWC0J9X8wQoElHkp_CnmCgOn0ySoNiG9z8F5I4Azs8v1ePGJfc0haAp3CP5nXn0062ncNIK1OAndlS49O6q5w3cm14diPUnzpC1m5ornb10dVPMIGOM3uopYBYO5XBXD8P2cJ3f1Q2oRFClq7WgTCBvWP65un2UZLF9Tx6GioCF3EnRsi37-PM40EOMO5ahtCYY3dC8ECcClC1780a5I0E83vwjdjIwDPbwUSPBuwkIwZVvT6z5MmohjWyYUpWnC_MEKi5WN348igxmY3SczNbx1KGxzq8qUpZ0WJWw3YDFSCKykqr8Ki9mJjm8fNiAn8tS32k8E5wG0BuqqMY6S_s3zacJKJ16xQlsK1UNG2wzG93veQ5jGkOEKyoTgd1r7tbHNajGbiL_-VENcflsUAmmAstPiUlkbwyUdFUaO0VHT-RW00?confirmTime=2197000&confirmRatio=430000&test-tag=465643174363138&format-type=98&actual-format=78&rnd=1735624027220&renderWidth=331&renderHeight=300
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:08 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:08 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:08 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 9033 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1616083928970&cv=9&fst=1616083928970&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b5b349feaf60a66e475c1dfe752b97838348f41e58e0ef5ed05e5107615ba1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1108
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 9033 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1616083928977&cv=9&fst=1616083928977&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96189844e62acf75760af2162886475d5030d3d2803b41076e760f3b962045dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1109
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 9033 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1616083928988&cv=9&fst=1616083928988&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0491a5490c97bff9ec250ae3f682906f581ba8681d812617a4a092aedc3fbc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1108
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 9033 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1616083928991&cv=9&fst=1616083928991&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b478ee6b77ba099d6e42774a830457d8e6bef41dea1f3fbda969de1dee5edca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1107
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.ru/metrika/ Frame 9033 		43 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:09 GMT
last-modified
Tue, 09 Mar 2021 18:36:29 GMT
etag
"6051cea4-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 18 Mar 2021 17:12:09 GMT
37412095
mc.yandex.ru/watch/ Frame 9033 		203 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kufar.by%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A462%3Acn%3A2%3Adp%3A1%3Als%3A791401727000%3Ahid%3A472620097%3Az%3A60%3Ai%3A20210318171209%3Aet%3A1616083929%3Ac%3A1%3Arn%3A193062261%3Au%3A1616083929285608716%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1616083926569%3Ads%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C852%2C1%2C1565%2C1565%2C0%2C1564%3Adsn%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C1519%2C0%2C1565%2C1565%2C0%2C1565%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616083929%3At%3A
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f5145cd0dc6362a4273db7561db9bff6ac55f019b5aa970e24e918fc2aae12e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 18-Mar-2021 16:12:09 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
203
x-xss-protection
1; mode=block
expires
Thu, 18-Mar-2021 16:12:09 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame 9033 		42 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1616083928991&cv=9&fst=1616083200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&async=1&fmt=3&is_vtc=1&random=797792025&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame 9033 		42 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1616083928991&cv=9&fst=1616083200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&async=1&fmt=3&is_vtc=1&random=797792025&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame 9033 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1616083928977&cv=9&fst=1616083200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&async=1&fmt=3&is_vtc=1&random=2795918707&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame 9033 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1616083928977&cv=9&fst=1616083200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&async=1&fmt=3&is_vtc=1&random=2795918707&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame 9033 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1616083928988&cv=9&fst=1616083200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&async=1&fmt=3&is_vtc=1&random=3612216424&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame 9033 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1616083928988&cv=9&fst=1616083200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&async=1&fmt=3&is_vtc=1&random=3612216424&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 65D3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=69291ac4-30b5-514d-9155-0342f1067890&CACHEBUSTER=374972
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cache.betweendigital.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:09 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Thu, 18 Mar 2021 16:12:09 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
www.google.com/pagead/1p-user-list/947884341/ Frame 9033 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1616083928970&cv=9&fst=1616083200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&async=1&fmt=3&is_vtc=1&random=663229395&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame 9033 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1616083928970&cv=9&fst=1616083200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kufar.by%2F&async=1&fmt=3&is_vtc=1&random=663229395&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
pagead2.googlesyndication.com/bg/ Frame F7D6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 06:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
34827
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5697
x-xss-protection
0
expires
Fri, 18 Mar 2022 06:31:42 GMT
WJGejI_zO7q0LGa0H0ye3R6Q5p4fPWK0VG4GW8200J7LUrDW000003Z-iqQ80W6v0kbw9YY4Zv3Iy0BoaQMt2V050Q06uWAu1i01oGRLFpCfVJ0eGBG0002f1-bT48wzvI0IW0e1Y0g10QWAw0UwyXE8wLq003R-KTpHlV0B1fWErQVwm_RHhfHRg0_fk-7lsBUva...
an.yandex.ru/count/ 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/count/WJGejI_zO7q0LGa0H0ye3R6Q5p4fPWK0VG4GW8200J7LUrDW000003Z-iqQ80W6v0kbw9YY4Zv3Iy0BoaQMt2V050Q06uWAu1i01oGRLFpCfVJ0eGBG0002f1-bT48wzvI0IW0e1Y0g10QWAw0UwyXE8wLq003R-KTpHlV0B1fWErQVwm_RHhfHRg0_fk-7lsBUva1AG4D_X-f7twSFCMFWG0_3HdhuL0f0JCk0K0TWLmOhsxAEFlFnZy80MbP3WWe2WVSaMy3-15wWN2PaOq1WX-1Y06R0PrV_CoTAFZ9H0k1dI6H9vOM9pNtDbSdPbSYzoDJ4mBJBe6O320_0PWC83401ss1yADaBHC8bk8SIM69xBLllAF7FvXb7mKNEWm-1uIEHXWBLp583Wy4puO-j15uPg1W00~1=WYiejI_zOAq13H40v1jqD5tAhGBAz-gGYnQ00VlNexA9ykQDDuW1Xl-Uj5UG0U2aWwp9W8200fW1uAI3h4cW0Twe0Twu0OQyXhyWs06UexIL0U01X9kqbG7e0L3u0Po8thu1e0BAbAqOc0F0X3sm0-yCY0Mvq2UG1QtxHB05m9GKk0N0b1J01VNDj0F81P3HVz05sO47u0Ltg0RY0hW7W0Ma3_470032fSgM37bz2CqKzRe_oU0AW8bwsGlfNH2ElUKW4kWBkT0dY0oSYDw-0UWCcmQO3QNsAJ-W3i24FO0Gpy-26veG6ma00FW_6OQ9hr-X4MVW4SYZ-07e4PRHYUQ5fv6fk5J9G9DzgxLy9yi_c1C2u1F0b1I858F2fkYnWQoNeG6W5C2K5AWKhVj4m1I0tg3BhlBrFzWKdj2ZWWRe58m2q1MUqAE21jWLmOhsxAEFlFnZe1RGkCI21h0MsWJ95j0Md8ZUlW615vWNXFJ9AxWN0S0NjGBO5y24FUWN0PaOe1WLi1YHtCs21hWO0VWO-DRLmf6jjuXbW1c96Ouka1a1e1d00RWP____0U0P0UWPWC83y1c0mWE16l__wrEZxcVNa1g0GBWQ0I00uePxACQHEeXhAADGHD0GQUWZcZ4A6xhQaBY-9O5fIYnThjbMmiKCQiZKqWm6M1tvx-e6NiGgQ8mG14qyQ4bm4sHC8v0tE6Ba95u9ENgEGGB29nVkIkdKmBhM93hO9k00~1?stat-id=1&test-tag=465643186981377&format-type=98&actual-format=78&pcodever=14159&banner-test-tags=eyI3MjA1NzYwMzg4MTk4NjM1MiI6IjU3MzYwIn0%3D&renderWidth=331&renderHeight=300&confirmTime=2127000&confirmRatio=430000&wmode=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:09 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:09 GMT
WJSejI_zO7q0RGa0f0zA0bpdurWdcGK0VG4GW8200J7LUrDW000003Z-iqQ80WAv0kbw9YY4Zv3Iy0AWgjUo3F050Q06uWAu1i01oGRLFpCfVJ0eGBG0002f1-bTJAU-vI0IW0e1Y0g10QWAw0U82mIg2n0X7aCLwLq00DoCKjpHlV0B1fWErQVwm_RHhfHRg0_fk...
an.yandex.ru/count/ 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/count/WJSejI_zO7q0RGa0f0zA0bpdurWdcGK0VG4GW8200J7LUrDW000003Z-iqQ80WAv0kbw9YY4Zv3Iy0AWgjUo3F050Q06uWAu1i01oGRLFpCfVJ0eGBG0002f1-bTJAU-vI0IW0e1Y0g10QWAw0U82mIg2n0X7aCLwLq00DoCKjpHlV0B1fWErQVwm_RHhfHRg0_fkz6vwhUva1AG4D_X-f7twSFCMFWG0_3HdhuL0f0JCk0K0TWLmOhsxAEFlFnZy80MbP3WWe2WVSaMy3-15wWN2PaOq1WX-1Y06R0PrV_CoTAFZ9H0k1dI6H9vOM9pNtDbSdPbSYzoDJ4mBJBe6O320_0PWC833m1ss1yADaBHC8bk8SIM69xBLllAF7FvXb7mKNEWm-1uIEHX36ldE2RyiVMW2qCr0m00~1=WY0ejI_zOAS1jH00P1kW6UMGfmBAz-gGYnQ00V6en6U80OV_dhHNa07Wf8EioO20W0AO0U2aWwn9e07Ug07Uk066l8Q_8DW1dgEqbG7W0OIRj9K1w05G-06SYDw-0Q02ofIj69W3m8Gzi0Ec28W5dl8Za0MzWagm1TRH5RW5rj4Lm0NrpRG3o0MGqN_G1S331-05TwW6uWAu1u05f0_n1m00mgNAbWoOoIEs-UwyFydW2e29UjaBwLrCfxxb81Be2-Jd8OWCd8ZUlW7e39i6c0sSsg0Em8GzW13Fpu8RcX0R2G00-3yPXeclNw4HP-0HpQFu0UWHhAM6degofyeoyGl5G0voNmsF0Sm_c1C2u1FMqHM858F2fkYnWQoNeG6W5DRH5QWKlO9Am1I0tg3BhlBrFzWKdj2ZWWRe58m2q1MUqAE21jWLmOhsxAEFlFnZe1RGkCI21h0MsWJ95j0Md8ZUlW615vWNXFJ9AxWN0S0NjGBO5y24FUWN0PaOe1WLi1YHtCs21hWO0VWO-DRLmf6jjuXbW1c96Ouka1a1e1d00RWP_m7W6G7e6O320_0PWC83WHh__xSbQX2BiP0QW42u6W4V08CnSAHB7SGrb54e8cY8zFCHpHM53Vri80w1mvmfMM-vvZK95tEe8GDBC_1VTQI-gnja4PiUN2lqCcWTS0bajoAGupLY429U2H5wZa6omISNsahfrC0wr2Gws2RW~1?stat-id=2&test-tag=465643186981377&format-type=98&actual-format=78&pcodever=14159&banner-test-tags=eyI3MjA1NzYwMzg4MTk4NjM1MiI6IjU3MzYwIn0%3D&renderWidth=331&renderHeight=300&confirmTime=2131000&confirmRatio=430000&wmode=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:12:09 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:12:09 GMT
usync.js
eus.rubiconproject.com/ Frame 65D3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60264
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
khaos.jpg
token.rubiconproject.com/ Frame 65D3 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
match
ads.betweendigital.com/ Frame 65D3
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=KMF2N8T4-1O-8D1X
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=KMF2N8T4-1O-8D1X&crf=1
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=KMF2N8T4-1O-8D1X&crf=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=101&external_user_id=KMF2N8T4-1O-8D1X&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
709414.gif
id.rlcdn.com/ Frame 65D3 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:09 GMT
via
1.1 google
alt-svc
clear
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 65D3 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.224.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-224-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 65D3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMF2N8T4-1O-8D1X&sigv=1&esig=2~5c18e05ddf7972d9e6ff87c81ce8ce1221389fa0
0
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMF2N8T4-1O-8D1X&sigv=1&esig=2~5c18e05ddf7972d9e6ff87c81ce8ce1221389fa0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:09 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMF2N8T4-1O-8D1X&sigv=1&esig=2~5c18e05ddf7972d9e6ff87c81ce8ce1221389fa0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 65D3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYyM2M5YWExNjI3OWIwNWZlMWM5ZjIwZTRiM2Y0ZTQxNDhiODRmZg
170 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYyM2M5YWExNjI3OWIwNWZlMWM5ZjIwZTRiM2Y0ZTQxNDhiODRmZg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYyM2M5YWExNjI3OWIwNWZlMWM5ZjIwZTRiM2Y0ZTQxNDhiODRmZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 65D3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOvipYOFx778WCeXsnwRwgA&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOvipYOFx778WCeXsnwRwgA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOvipYOFx778WCeXsnwRwgA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 65D3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YFN72gAAAKFexizr
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFN72gAAAKFexizr&_test=YFN72gAAAKFexizr
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFN72gAAAKFexizr&_test=YFN72gAAAKFexizr
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616083930.203624,VS0,VE0
x-served-by
cache-hhn4065-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFN72gAAAKFexizr&_test=YFN72gAAAKFexizr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 65D3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZgzrLiqKUg4OC6MmqP5FbMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5375372207538464899
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5375372207538464899
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Thu, 18 Mar 2021 16:12:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5375372207538464899
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 65D3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e0916053-7bd9-4c00-9fd3-a60057a08047
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e0916053-7bd9-4c00-9fd3-a60057a08047
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

Date
Thu, 18 Mar 2021 16:13:11 GMT
Server
MT3 3611 f10363c master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e0916053-7bd9-4c00-9fd3-a60057a08047
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 16:13:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=2210300137119003&bg=!q6ilqOzNAAbUo7L91KM7ACkAdvg8Wh7HPrEl_aUoOleF8_y8hr-Nr9jNaD3xlV338Fh0XIvKHUFPAAIAAAHlUgAAACtoAQcKAaUDAFKyU8dTrqo64Z9S-mRtQU-2oW1uqmTWv90NLDy7s_lQkkC4CN8y0nx-O66lpzcKovXSCPERMo3HeiJvL_ph6YYk10MR57Niipgb7rgvMv1SYXEqLMGI-0ERk2-BTCu-ZhtodHunXmQ8yLcc2NHbcqQ1FYEbxgXEWsoChQYSvtfc2amaOt7fCIkmSJQ51C_Jk8cTzZU5hu1KUhv4D3y3gydOsLBWHcQHu0U7zEIYXz-jNbu9B3N3bq1RksjJHv6XqkG0s8ItpGhCy2nuHa1yaWoOA1DD2JXNZB8zjARAfajAEa7GcR5sfAcZ-66zGUZ0_tDHOL87xBp0HevKTfoawud0CYdYs0G3AGiGKvKEjVAM-SMILiYf3OOJ2HPBwSKDhUFAiVg_EEOebTdlljIlwRSoc-tfDkAjnLJjKROHtyn8zjRSGoNC1Mep2lq5xPtCn4wqnuX7z4ZfoB6CH6D84wrZZmcnel80kWzg7jZCi6vMyUIdrhEHasmueG2pkbbC0JIk4C1F0aARSEjqvThNgu00bFi0hlw5OGvZF5pARVLSYE-OmQHJe06_UVpmPHsD5qGwyR7xglVpP2hcRqcQmOZ11gyuY6XL7IhXOWGHN3kG5_-4rpYy_ISpu2mJ7BXzTf2MwbcdJYLpu8QM8qKIStWcUzNj_9TkG1ObJdKmwwJ-Vc4XG2jWoCpM1VVrARKblhjsEEvjq1NWkdSkNi7w9yL0hmVjx2QGCJCH7GjwBgFwKgKyd2o1RPLmW3vBt6TrVsfgXgBhY1URyQHLGOuBCOQV7GRup9D6chybngbYAv4atvLaheDS2PhEThppBQA-iwNJUzeF3FNmMU_EM2WiReq5noZqEZp-3PLkunUJTc2kFWI68aHNI_YGO1iTkiAvM8H2MngehYF2ZoJjurqiSIauG5E8fyBep-G8OsDPQoCSuVV7U0omzaaRHz8un4J2Y1XYGA-7UpUQ5NrRU-62c8WpezeoOZI1ej3SfNCuWUo8wsSE_Cu-a7-X4EVPc15f_PKUYyquwIxA-lMI0LbMeFc4Rt1SxIdJFrzUhYQ5LdA0R0wLFGxDf8Efx-om8uJZttkgCQamJ24lKGZzCbzKrGHNMjwX08yYCDsKuxuVQo4h9mOqQUOrqFRFtSXxm2mZsiNP7AYqoqJ7VBK37LIBYA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kufar.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
sync.1dmp.io/ Frame 04D4
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=69291ac4-30b5-514d-9155-0342f1067890
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=69291ac4-30b5-514d-9155-0342f1067890&cs=1
35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=69291ac4-30b5-514d-9155-0342f1067890&cs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.213.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-213-228.clients.your-server.de
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:10 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

location
/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=69291ac4-30b5-514d-9155-0342f1067890&cs=1
date
Thu, 18 Mar 2021 16:12:10 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0
374972
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 04D4
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/374972
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/374972
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/374972
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
tns-counter-3.1.0/1.18.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
tns-counter-3.1.0/1.18.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:10 GMT
server
tns-counter-3.1.0/1.18.0
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/374972
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame 3A86 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame A391
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
668 B
726 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
89cd3c4e96cb3fae359cd1be31173ebc927bba19840a87f7ec7948e0b6603bf5

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930|gekin0vNiygu; Version=1; Expires=Fri, 02-Apr-2021 16:12:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:10 GMT
content-type
text/html
content-length
416
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
date
Thu, 18 Mar 2021 16:12:10 GMT
content-length
0
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 8AB9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame DFD1 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143906
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame AF7F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:12 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame AF0D 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143906
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 37BD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame D5A5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame FBFC 		668 B
714 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
89cd3c4e96cb3fae359cd1be31173ebc927bba19840a87f7ec7948e0b6603bf5

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930|gekin0vNiygu; Version=1; Expires=Fri, 02-Apr-2021 16:12:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:10 GMT
content-type
text/html
content-length
416
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame 60B2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:12 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame E3CE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 128B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:12 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2D7E 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143906
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame CBD9 		668 B
714 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
89cd3c4e96cb3fae359cd1be31173ebc927bba19840a87f7ec7948e0b6603bf5

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930|gekin0vNiygu; Version=1; Expires=Fri, 02-Apr-2021 16:12:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:10 GMT
content-type
text/html
content-length
416
content-encoding
gzip
via
1.1 google
alt-svc
clear
usync.html
eus.rubiconproject.com/ Frame 1F99 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 9A6F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5BC0 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143906
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 97E3 		498 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
af835534886fb170aa0e127081ec31839725ca855b801d12f7919f78e5724947

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; pd=v2|1616083930|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930|mWkigqiysLommOgevNgunsn0; Version=1; Expires=Fri, 02-Apr-2021 16:12:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:10 GMT
content-type
text/html
content-length
316
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame 92C9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:12 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame D22A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 8C6E 		631 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
b2d05408d32fc60127a2adf727085f0fb3a320cab7f8d5fc868b7620e535124c

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; pd=v2|1616083930|mWkigqiysLommOgevNgunsn0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930|j8mWkifcsHqGgqiysLiSommOgevNgunsn0gi; Version=1; Expires=Fri, 02-Apr-2021 16:12:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:10 GMT
content-type
text/html
content-length
411
content-encoding
gzip
via
1.1 google
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3F1A 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143906
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DE3A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B358 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:12 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame FF19 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0BB6 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143906
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8FED 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:12 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 3FA3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 9E65 		634 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
a7c2e6d65aba0fc6879dedd498db91f623ff18f09291136152f53fc4cee89ef9

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; pd=v2|1616083930|j8mWkifcsHqGgqiysLiSommOgevNgunsn0gi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930|j8gmmWkitujofcsHqGgqmuiyvQsLiSommOgevNgusfnsn0gi; Version=1; Expires=Fri, 02-Apr-2021 16:12:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:10 GMT
content-type
text/html
content-length
430
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame D062 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5F1E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:12 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 0C57 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 5E8C 		634 B
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
a7c2e6d65aba0fc6879dedd498db91f623ff18f09291136152f53fc4cee89ef9

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; pd=v2|1616083930|j8mWkifcsHqGgqiysLiSommOgevNgunsn0gi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930|j8gmmWkitujofcsHqGgqmuiyvQsLiSommOgevNgusfnsn0gi; Version=1; Expires=Fri, 02-Apr-2021 16:12:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:10 GMT
content-type
text/html
content-length
430
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 4DBE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7E1F 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143906
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1AFB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E207 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:12 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8170 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143906
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E443 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 592E 		655 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
c1e628097db41a10f86eccd1e88255737acc352231c33010037d278f2888c5d8

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; pd=v2|1616083930|j8gmmWkitujofcsHqGgqmuiyvQsLiSommOgevNgusfnsn0gi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930|fogSj8w0gmmWkivStujofcsHqGgqvtmuiyvQsLiSommOgevNgusfnsn0rFgi; Version=1; Expires=Fri, 02-Apr-2021 16:12:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:10 GMT
content-type
text/html
content-length
401
content-encoding
gzip
via
1.1 google
alt-svc
clear
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 486C 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:10 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:10 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame E70B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6C09 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:13 GMT
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 8475 		655 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
c1e628097db41a10f86eccd1e88255737acc352231c33010037d278f2888c5d8

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; pd=v2|1616083930|j8gmmWkitujofcsHqGgqmuiyvQsLiSommOgevNgusfnsn0gi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930|fogSj8w0gmmWkivStujofcsHqGgqvtmuiyvQsLiSommOgevNgusfnsn0rFgi; Version=1; Expires=Fri, 02-Apr-2021 16:12:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:10 GMT
content-type
text/html
content-length
401
content-encoding
gzip
via
1.1 google
alt-svc
clear
usync.html
eus.rubiconproject.com/ Frame 7E51 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame E601 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143906
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 7CE0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6EBA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:13 GMT
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame A2C9 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143905
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame DD21 		219 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
7d81ab9ae4a8a37f06a8daff7ec4f9fe2599670739710d947a0b916aea2685dd

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; pd=v2|1616083930|fogSj8w0gmmWkivStujofcsHqGgqvtmuiyvQsLiSommOgevNgusfnsn0rFgi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:11 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930.1|fogSj8w0gmmWkivStujofcsHqGgqvtmuiyvQsLiSommOgevNgusfnsn0rFgi.vWvT; Version=1; Expires=Fri, 02-Apr-2021 16:12:11 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:11 GMT
content-type
text/html
content-length
190
content-encoding
gzip
via
1.1 google
alt-svc
clear
usync.html
eus.rubiconproject.com/ Frame E9B2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FBAA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:13 GMT
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 95CA 		68 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; pd=v2|1616083930.1|fogSj8w0gmmWkivStujofcsHqGgqvtmuiyvQsLiSommOgevNgusfnsn0rFgi.vWvT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:11 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930.1|fogSj8w0gmmWkivStujofcsHqGgqvtmuiyvQsLiSommOgevNgusfnsn0rFgi.vWvT; Version=1; Expires=Fri, 02-Apr-2021 16:12:11 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:11 GMT
content-type
text/html
content-length
70
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame D603 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 80E9 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143905
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6777 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B264 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 7693 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
usync.html
eus.rubiconproject.com/ Frame 215C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMF2N8T4-1O-8D1X; pux=1512%3D98273%262249%3D98273%262307%3D98273%262974%3D98273%263778%3D98273%26idl%3D98273%26brx%3D98273%262249-DV360-Hosted%3D98273%26; audit=1|P3Iiih6fxyZtPZlkU2of7fpmQP2nwhGdYGiTFhq1sDp6eP0zD2PV8KZpU6mkFloAGGz33Y2JOb/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6071 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 19 Mar 2021 16:12:13 GMT
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame B13B 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143905
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2CB2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hintfly.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame A68F 		68 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; pd=v2|1616083930.1|fogSj8w0gmmWkivStujofcsHqGgqvtmuiyvQsLiSommOgevNgusfnsn0rFgi.vWvT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad1447ad-b857-0c20-22c7-da7eaa3cab50|1616083930; Version=1; Expires=Fri, 18-Mar-2022 16:12:11 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616083930.1|fogSj8w0gmmWkivStujofcsHqGgqvtmuiyvQsLiSommOgevNgusfnsn0rFgi.vWvT; Version=1; Expires=Fri, 02-Apr-2021 16:12:11 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 18 Mar 2021 16:12:11 GMT
content-type
text/html
content-length
70
content-encoding
gzip
via
1.1 google
alt-svc
clear
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 263D 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9F03 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 12B1 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
usync.js
eus.rubiconproject.com/ Frame 3A86 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60262
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
betweendata
api.rees46.com/profile/ Frame 04D4 		43 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.rees46.com/profile/betweendata?rand=374972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.99.70.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
a03.smtp.rees46.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
access-control-allow-credentials
true
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-length
43
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame D5A5 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60262
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3937 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame CBD6 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B5AF 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 80AE 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame FC91 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
sd
eu-u.openx.net/w/1.0/ Frame A391
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 18 Mar 2021 16:13:13 GMT
Server
MT3 3611 f10363c master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 16:13:12 GMT
sd
us-u.openx.net/w/1.0/ Frame A391
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame A391
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5555003135749739312
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5555003135749739312
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5555003135749739312
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame A391 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=7eb878f4-11d0-33d7-7811-1296ce1b98ad&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.224.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-224-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A391 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTJkN2FiM2UtZDhhNy02ZDczLTZkZjEtNDgyZjA0Zjk1NmNk
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A391
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame FBFC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 18 Mar 2021 16:13:13 GMT
Server
MT3 3611 f10363c master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 16:13:12 GMT
sd
us-u.openx.net/w/1.0/ Frame FBFC
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame FBFC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2864180679862859658
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2864180679862859658
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2864180679862859658
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame FBFC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=7eb878f4-11d0-33d7-7811-1296ce1b98ad&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.224.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-224-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FBFC 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTJkN2FiM2UtZDhhNy02ZDczLTZkZjEtNDgyZjA0Zjk1NmNk
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FBFC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame CBD9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 18 Mar 2021 16:13:13 GMT
Server
MT3 3611 f10363c master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0916053-7bd9-4c00-9fd3-a60057a08047
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 16:13:12 GMT
sd
us-u.openx.net/w/1.0/ Frame CBD9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xPTiN8Wms2bf8OQylvb6YpDx42Xf8LM8l6Iqyy7M
pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame CBD9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2448409221747358692
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2448409221747358692
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2448409221747358692
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame CBD9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=7eb878f4-11d0-33d7-7811-1296ce1b98ad&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.224.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-224-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame CBD9 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTJkN2FiM2UtZDhhNy02ZDczLTZkZjEtNDgyZjA0Zjk1NmNk
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CBD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgxun0-TUWsJn-Mlz9u6f4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 6FE1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
197e36c3f80ef80f997d7142c1fa1dfa67be08238d60daeb559f48c0beff3aec

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|241|230|13|90|176|156
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1749
Expires
Thu, 18 Mar 2021 16:12:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:11 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:11 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:11 GMT CMRUM3=5a60537bdb05a0&9c60537bdb05a00&b060537bdb05a00&f160537bdb05a00&e660537bdb27600&2d60537bdb05a0&0d60537bdb05a0&2760537bdb0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:11 GMT CMST=YFN722BTe9sA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 19 Mar 2021 16:12:11 GMT

Redirect headers

Server
Apache
Content-Length
334
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 18 Mar 2021 16:12:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:11 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:11 GMT
usync.js
eus.rubiconproject.com/ Frame 1F99 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60262
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5E7F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5d325ef71a6fbbe1e3702d2ddd57b56a23d38007628d43e016a08c0c1c76c789

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|31|221|195|51
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1761
Expires
Thu, 18 Mar 2021 16:12:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:11 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:11 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:11 GMT CMST=YFN722BTe9sA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 19 Mar 2021 16:12:11 GMT CMRUM3=2760537bdb0b40&3360537bdb05a0&2d60537bdb05a0&e660537bdb27600&f160537bdb05a00&c360537bdb05a00&1f60537bdb05a00&dd60537bdb27600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:11 GMT

Redirect headers

Server
Apache
Content-Length
334
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 18 Mar 2021 16:12:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN727BmCAghTL8cOTGFXAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:11 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:11 GMT
bounce
ib.adnxs.com/ Frame AF7F
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.17:80
AN-X-Request-Uuid
d99828be-43a2-4467-b10e-e91c1db1c47a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.153:80
AN-X-Request-Uuid
82e15576-78a3-442b-a1d2-e1350ed77823
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame FBEF 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame DFD1 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1b13ca069a400385e0e74c9e55e441413fe65a1a26b8e44bf964e372c1036e84

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:11 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 60B2 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.83:80
AN-X-Request-Uuid
497723a6-17de-4247-9bbf-8f6518b68ef7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 97E3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4444592662612151145&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4444592662612151145&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4444592662612151145&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 97E3
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=oe7yyLhWivmeZV4hHQKiFw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
lck33nrbvmehcior12dcrv4bbknie0ei

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ea7f1eb0-817c-a19e-49c6-0463314c55e4
pr-bh.ybp.yahoo.com/sync/openx/ Frame 97E3 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/ea7f1eb0-817c-a19e-49c6-0463314c55e4?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 97E3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=cjRQy0iI1LmVfR5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=cjRQy0iI1LmVfR5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-015d5badb48c29580@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=cjRQy0iI1LmVfR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 97E3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d726480e-6421-4902-85fe-b088faf90742&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=226d76ac-1ba4-4955-bfd0-dfaba00c83be
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=226d76ac-1ba4-4955-bfd0-dfaba00c83be
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=226d76ac-1ba4-4955-bfd0-dfaba00c83be
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:19 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=226d76ac-1ba4-4955-bfd0-dfaba00c83be
date
Thu, 18 Mar 2021 16:12:19 GMT
via
1.1 google
server
OXGW/16.203.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
us-u.openx.net/w/1.0/ Frame 97E3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTmdVN0FwdmdBQUJEcXRHVlBWQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNgU7ApvgAABDqtGVPVA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACNgU7ApvgAABDqtGVPVA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=48109513688616035
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACNgU7ApvgAABDqtGVPVA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D48109513688616035%26bee_sync_partners%3Dox%26bee_sync_c...
  • https://match.prod.bidr.io/cookie-sync?userid=48109513688616035&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACNgU7ApvgAABDqtGVPVA&pid=558502&do=add
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACNgU7ApvgAABDqtGVPVA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACNgU7ApvgAABDqtGVPVA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:15 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACNgU7ApvgAABDqtGVPVA
Date
Thu, 18 Mar 2021 16:12:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5A8C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5365cc14f466e0f452b624aaa4c83845e79145c60f890afb9043539233476895

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA; CMPRO=1113; CMST=YFN722BTe9sA; CMRUM3=2760537bdb0b40&3360537bdb05a0&2d60537bdb05a0&e660537bdb27600&f160537bdb05a00&c360537bdb05a00&1f60537bdb05a00&dd60537bdb27600
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|88|3|152|81|196|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1563
Expires
Thu, 18 Mar 2021 16:12:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:11 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:11 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:11 GMT CMRUM3=1f60537bdb05a00&dd60537bdb27600&9860537bdb05a00&2d60537bdb05a0&f160537bdb05a00&e660537bdb27600&4960537bdb05a00&3360537bdb05a0&2f60537bdb05a0&2e60537bdb05a0&5860537bdb05a0&c460537bdb05a0&5160537bdb05a0&c360537bdb05a00&0360537bdb05a0&2760537bdb0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:11 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame BB54 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
33ecc594f7f40dcd6433090ad254d0b9fee37eb837b97d0a2622cf6b75e1869b

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA; CMPRO=1113; CMST=YFN722BTe9sA; CMRUM3=2760537bdb0b40&3360537bdb05a0&2d60537bdb05a0&e660537bdb27600&f160537bdb05a00&c360537bdb05a00&1f60537bdb05a00&dd60537bdb27600
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|4|3|239|57|13|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1522
Expires
Thu, 18 Mar 2021 16:12:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:11 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:11 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:11 GMT CMRUM3=3360537bdb05a0&4960537bdb05a00&2e60537bdb05a0&dd60537bdb27600&ef60537bdb05a00&1f60537bdb05a00&e660537bdb27600&f160537bdb05a00&3960537bdb05a0&2d60537bdb05a0&0d60537bdb05a0&2760537bdb0b40&c460537bdb05a0&0460537bdb05a0&c360537bdb05a00&0360537bdb05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:11 GMT
async_usersync
ib.adnxs.com/ Frame 128B 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.81:80
AN-X-Request-Uuid
10f90e90-25e4-4e29-8ba1-aaa4bdc2131d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D22A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60262
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
async_usersync
ib.adnxs.com/ Frame 92C9 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.170:80
AN-X-Request-Uuid
0666e532-3855-4090-81fc-a848b9505e22
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 8C6E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=91258967075929366
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=91258967075929366
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.149:80
AN-X-Request-Uuid
045f631d-16c5-4f06-a941-4c8fa288dc5a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=91258967075929366
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
current
openx2-match.dotomi.com/match/bounce/ Frame 8C6E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sd
us-u.openx.net/w/1.0/ Frame 8C6E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&gdpr=0&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&gdpr=0&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame 8C6E 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=3439b604-4661-09bd-2a0f-94a0cf6edb97
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.187.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-187-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 8C6E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFN72gAAAKFexizr
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFN72gAAAKFexizr
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616083932.831570,VS0,VE0
x-served-by
cache-hhn4065-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFN72gAAAKFexizr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 8C6E
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel.onaudience.com/?mapped=AHEkt253nW7jaCcqrhRlWfiM&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%2...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=c4833ae8e9ec77cebb217850800a5ed&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DAHEkt253nW7jaCcqrhRlWfiM
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=AHEkt253nW7jaCcqrhRlWfiM
43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=AHEkt253nW7jaCcqrhRlWfiM
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:15 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=AHEkt253nW7jaCcqrhRlWfiM
date
Thu, 18 Mar 2021 16:12:15 GMT
server
openresty
content-length
146
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 04D4
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=69291ac4-30b5-514d-9155-0342f1067890&expires=30
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=d888dd76-2b89-4411-a7f1-d6c4295fd83b
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=d888dd76-2b89-4411-a7f1-d6c4295fd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.25.144 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

location
//public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=d888dd76-2b89-4411-a7f1-d6c4295fd83b
date
Thu, 18 Mar 2021 16:12:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncframe
gum.criteo.com/ Frame 982B 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1536
date
Thu, 18 Mar 2021 16:12:11 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 263D 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:11 GMT
syncframe
gum.criteo.com/ Frame D98F 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1631
date
Thu, 18 Mar 2021 16:12:11 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 486C 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:12 GMT
usync.js
eus.rubiconproject.com/ Frame DE3A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60261
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame E19C 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b9a446f170aad0f5c56398b24e1218fc4290f1f5b04bb112ef19cce4033ba800

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA; CMPRO=1113; CMST=YFN722BTe9sA; CMRUM3=3360537bdb05a0&4960537bdb05a00&2e60537bdb05a0&dd60537bdb27600&ef60537bdb05a00&1f60537bdb05a00&e660537bdb27600&f160537bdb05a00&3960537bdb05a0&2d60537bdb05a0&0d60537bdb05a0&2760537bdb0b40&c460537bdb05a0&0460537bdb05a0&c360537bdb05a00&0360537bdb05a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|88|130|65|46|5|57|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1427
Expires
Thu, 18 Mar 2021 16:12:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMST=YFN722BTe9wA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 19 Mar 2021 16:12:12 GMT CMRUM3=0560537bdc05a0&f160537bdb05a00&e660537bdb27600&3960537bdc05a0&2d60537bdb05a0&4160537bdc05a0&dd60537bdb27600&1f60537bdb05a00&ef60537bdb05a00&2e60537bdc05a0&ce60537bdc05a00&3360537bdb05a0&4960537bdb05a00&0360537bdb05a0&c360537bdb05a00&8260537bdca8c0&0460537bdb05a0&c460537bdb05a0&5860537bdc05a0&2760537bdb0b40&0d60537bdb05a0&2860537bdc05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT
async_usersync
ib.adnxs.com/ Frame B358 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.8:80
AN-X-Request-Uuid
dbe8d8d6-cfa8-4baa-a988-0f46788d78ba
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8FED 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid
766c0518-ddde-43d0-8950-914d168b0029
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3FA3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60261
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 061C 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec17dbfc42c7a5d104220bfc7fe22121611b146b72749ba5f8c0ac76f5a21f02

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA; CMPRO=1113; CMST=YFN722BTe9wA; CMRUM3=0560537bdc05a0&f160537bdb05a00&e660537bdb27600&3960537bdc05a0&2d60537bdb05a0&4160537bdc05a0&dd60537bdb27600&1f60537bdb05a00&ef60537bdb05a00&2e60537bdc05a0&ce60537bdc05a00&3360537bdb05a0&4960537bdb05a00&0360537bdb05a0&c360537bdb05a00&8260537bdca8c0&0460537bdb05a0&c460537bdb05a0&5860537bdc05a0&2760537bdb0b40&0d60537bdb05a0&2860537bdc05a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
111|64|90|81|51|156|191|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1316
Expires
Thu, 18 Mar 2021 16:12:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMRUM3=5a60537bdc05a0&c460537bdb05a0&0460537bdb05a0&5160537bdc05a0&5860537bdc05a0&c360537bdb05a00&0360537bdb05a0&8260537bdca8c0&2860537bdc05a00&0d60537bdb05a0&2760537bdb0b40&dd60537bdb27600&ef60537bdb05a00&1f60537bdb05a00&9c60537bdc05a00&6f60537bdc05a0&e660537bdb27600&3960537bdc05a0&f160537bdb05a00&0560537bdc05a0&bf60537bdc05a0&4160537bdc05a0&2d60537bdb05a0&3360537bdc05a0&4960537bdb05a00&4060537bdc05a0&2e60537bdc05a0&ce60537bdc05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT
syncframe
gum.criteo.com/ Frame BC82 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1178
date
Thu, 18 Mar 2021 16:12:11 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9F03 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:12 GMT
openx
tr.blismedia.com/v1/api/sync/ Frame 9E65 		0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
alt-svc
clear
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9E65
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d&dcc=t
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9E65
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=b2cf9ff2-8804-11eb-a4e9-bf7463b7e2a0
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=b2cf9ff2-8804-11eb-a4e9-bf7463b7e2a0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=b2cf9ff2-8804-11eb-a4e9-bf7463b7e2a0
Date
Thu, 18 Mar 2021 16:12:12 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
b2cf9ff3-8804-11eb-a4e9-bf7463b7e2a0
us.php
gu.dyntrk.com/adx/ox/ Frame 9E65 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
sd
us-u.openx.net/w/1.0/ Frame 9E65
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=14EBBAE21E42474EAE9C3675ADA49C48
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=14EBBAE21E42474EAE9C3675ADA49C48
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 18 Mar 2021 16:12:12 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=14EBBAE21E42474EAE9C3675ADA49C48
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 17 Mar 2021 16:12:12 GMT
c.html
j.mrpdata.net/ Frame 9E65 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ex=OpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.45.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 5F1E 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.37:80
AN-X-Request-Uuid
eca34427-3e45-4419-b14a-3a328bda459b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame FEE4 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b402b6917425beb79093d4ca596e88ab0fff8ff4b71c542c2d91e83a4ca5e3f

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA; CMPRO=1113; CMST=YFN722BTe9wA; CMRUM3=5a60537bdc05a0&c460537bdb05a0&0460537bdb05a0&5160537bdc05a0&5860537bdc05a0&c360537bdb05a00&0360537bdb05a0&8260537bdca8c0&2860537bdc05a00&0d60537bdb05a0&2760537bdb0b40&dd60537bdb27600&ef60537bdb05a00&1f60537bdb05a00&9c60537bdc05a00&6f60537bdc05a0&e660537bdb27600&3960537bdc05a0&f160537bdb05a00&0560537bdc05a0&bf60537bdc05a0&4160537bdc05a0&2d60537bdb05a0&3360537bdc05a0&4960537bdb05a00&4060537bdc05a0&2e60537bdc05a0&ce60537bdc05a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
41|176|105|47|8|51|190|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1268
Expires
Thu, 18 Mar 2021 16:12:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMRUM3=dd60537bdb27600&1f60537bdb05a00&9c60537bdc05a00&6f60537bdc05a0&f160537bdb05a00&e660537bdb27600&4160537bdc05a0&bf60537bdc05a0&2d60537bdb05a0&3360537bdc05a0&2f60537bdc05a0&4060537bdc05a0&2e60537bdc05a0&c460537bdb05a0&5a60537bdc05a0&c360537bdb05a00&2760537bdb0b40&ef60537bdb05a00&6960537bdc05a0&0560537bdc05a0&3960537bdc05a0&0860537bdc05a00&be60537bdc05a0&4960537bdb05a00&ce60537bdc05a00&0460537bdb05a0&5160537bdc05a0&5860537bdc05a0&b060537bdc05a00&0360537bdb05a0&8260537bdca8c0&2860537bdc05a00&0d60537bdb05a0&2960537bdc05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT
openx
tr.blismedia.com/v1/api/sync/ Frame 5E8C 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
alt-svc
clear
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5E8C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d&dcc=t
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=266e0489-0d7a-882d-b81f-9001a628534d&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5E8C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=b2d0d868-8804-11eb-ade0-a91a1c6afdd8
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=b2d0d868-8804-11eb-ade0-a91a1c6afdd8
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=b2d0d868-8804-11eb-ade0-a91a1c6afdd8
Date
Thu, 18 Mar 2021 16:12:12 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
b2d0d869-8804-11eb-ade0-a91a1c6afdd8
us.php
gu.dyntrk.com/adx/ox/ Frame 5E8C 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
sd
us-u.openx.net/w/1.0/ Frame 5E8C
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=A879CDB586B94BEAAC102537876D4153
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=A879CDB586B94BEAAC102537876D4153
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 18 Mar 2021 16:12:12 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=A879CDB586B94BEAAC102537876D4153
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 17 Mar 2021 16:12:12 GMT
c.html
j.mrpdata.net/ Frame 5E8C 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ex=OpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.45.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 0C57 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60261
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
async_usersync
ib.adnxs.com/ Frame E207 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid
c3baaf74-71e6-497d-8a49-11e96475bbc3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B616 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5d7692b218441429022d4ead5b787c226e59d9d3952a1e36c16735c88aa6862b

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA; CMPRO=1113; CMST=YFN722BTe9wA; CMRUM3=5a60537bdc05a0&c460537bdb05a0&0460537bdb05a0&5160537bdc05a0&5860537bdc05a0&c360537bdb05a00&0360537bdb05a0&8260537bdca8c0&2860537bdc05a00&0d60537bdb05a0&2760537bdb0b40&dd60537bdb27600&ef60537bdb05a00&1f60537bdb05a00&9c60537bdc05a00&6f60537bdc05a0&e660537bdb27600&3960537bdc05a0&f160537bdb05a00&0560537bdc05a0&bf60537bdc05a0&4160537bdc05a0&2d60537bdb05a0&3360537bdc05a0&4960537bdb05a00&4060537bdc05a0&2e60537bdc05a0&ce60537bdc05a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
41|105|176|47|65|191|57|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1302
Expires
Thu, 18 Mar 2021 16:12:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMRUM3=ef60537bdb05a00&6960537bdc05a0&0560537bdc05a0&3960537bdc05a0&4960537bdb05a00&ce60537bdc05a00&5860537bdc05a0&0460537bdb05a0&5160537bdc05a0&8260537bdca8c0&b060537bdc05a00&0360537bdb05a0&2860537bdc05a00&0d60537bdb05a0&2960537bdc05a00&9c60537bdc05a00&1f60537bdb05a00&dd60537bdb27600&4160537bdc05a0&bf60537bdc05a0&2d60537bdb05a0&6f60537bdc05a0&e660537bdb27600&f160537bdb05a00&3360537bdc05a0&2f60537bdc05a0&4060537bdc05a0&2e60537bdc05a0&c460537bdc05a0&5a60537bdc05a0&c360537bdb05a00&2760537bdb0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT
syncframe
gum.criteo.com/ Frame 6359 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1514
date
Thu, 18 Mar 2021 16:12:11 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 12B1 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:12 GMT
usync.js
eus.rubiconproject.com/ Frame 1AFB 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60261
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
ed8e6896-6a65-01bc-28fc-4b7e68a3d4d1
sync.1rx.io/usersync/openx/ Frame 592E 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/openx/ed8e6896-6a65-01bc-28fc-4b7e68a3d4d1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0
sd
us-u.openx.net/w/1.0/ Frame 592E
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1870471593588970511
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1870471593588970511
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1870471593588970511
Date
Thu, 18 Mar 2021 16:12:12 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
m
ad.yieldlab.net/ Frame 592E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=b4478fbe-414d-0ad2-0886-339031759999
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=b4478fbe-414d-0ad2-0886-339031759999
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.33.95 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Wed, 17 Mar 2021 16:12:12 GMT

Redirect headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=b4478fbe-414d-0ad2-0886-339031759999
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
ups.analytics.yahoo.com/ups/55981/ Frame 592E
Redirect Chain
  • https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4
  • https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&verify=true
  • https://ups.analytics.yahoo.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&apid=UPb2aea9d3-8804-11eb-9032-029e8c18f6c2
0
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&apid=UPb2aea9d3-8804-11eb-9032-029e8c18f6c2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&apid=UPb2aea9d3-8804-11eb-9032-029e8c18f6c2
date
Thu, 18 Mar 2021 16:12:12 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 592E
Redirect Chain
  • https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff
  • https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff&dnr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:10 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
um
sync.teads.tv/ Frame 592E
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid=
  • https://sync.teads.tv/um?eid=64&uid=cbc222c9-f75d-088d-0963-2deac75e589b
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=64&uid=cbc222c9-f75d-088d-0963-2deac75e589b
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-12.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 18 Mar 2021 16:12:12 GMT
server
akka-http/10.1.9
content-length
23
content-type
image/gif

Redirect headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.teads.tv/um?eid=64&uid=cbc222c9-f75d-088d-0963-2deac75e589b
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame AF8C 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
adc24db6dee62cdd102fbbaa5a1164cfb833659736d067fe509e73062054dfa1

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA; CMPRO=1113; CMST=YFN722BTe9wA; CMRUM3=ef60537bdb05a00&6960537bdc05a0&0560537bdc05a0&3960537bdc05a0&4960537bdb05a00&ce60537bdc05a00&5860537bdc05a0&0460537bdb05a0&5160537bdc05a0&8260537bdca8c0&b060537bdc05a00&0360537bdb05a0&2860537bdc05a00&0d60537bdb05a0&2960537bdc05a00&9c60537bdc05a00&1f60537bdb05a00&dd60537bdb27600&4160537bdc05a0&bf60537bdc05a0&2d60537bdb05a0&6f60537bdc05a0&e660537bdb27600&f160537bdb05a00&3360537bdc05a0&2f60537bdc05a0&4060537bdc05a0&2e60537bdc05a0&c460537bdc05a0&5a60537bdc05a0&c360537bdb05a00&2760537bdb0b40
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
188|10|152|218|81|64|46|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1309
Expires
Thu, 18 Mar 2021 16:12:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMRUM3=5a60537bdc05a0&c460537bdc05a0&c360537bdb05a00&2760537bdb0b40&0a60537bdc27600&bc60537bdc05a00&9c60537bdc05a00&1f60537bdb05a00&dd60537bdb27600&bf60537bdc05a0&4160537bdc05a0&2d60537bdb05a0&f160537bdb05a00&e660537bdb27600&6f60537bdc05a0&3360537bdc05a0&4060537bdc05a0&2f60537bdc05a0&2e60537bdc05a0&5860537bdc05a0&0460537bdb05a0&5160537bdc05a0&8260537bdca8c0&da60537bdc27600&b060537bdc05a00&0360537bdb05a0&2860537bdc05a00&0d60537bdb05a0&2960537bdc05a00&ef60537bdb05a00&9860537bdc05a00&3960537bdc05a0&0560537bdc05a0&6960537bdc05a0&4960537bdb05a00&be60537bdc05a0&ce60537bdc05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT
usync.js
eus.rubiconproject.com/ Frame 7E51 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60261
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
ed8e6896-6a65-01bc-28fc-4b7e68a3d4d1
sync.1rx.io/usersync/openx/ Frame 8475 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/openx/ed8e6896-6a65-01bc-28fc-4b7e68a3d4d1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0
sd
us-u.openx.net/w/1.0/ Frame 8475
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1875819618262150154
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1875819618262150154
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1875819618262150154
Date
Thu, 18 Mar 2021 16:12:12 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
m
ad.yieldlab.net/ Frame 8475
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=b4478fbe-414d-0ad2-0886-339031759999
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=b4478fbe-414d-0ad2-0886-339031759999
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.33.95 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Wed, 17 Mar 2021 16:12:12 GMT

Redirect headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=b4478fbe-414d-0ad2-0886-339031759999
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
ups.analytics.yahoo.com/ups/55981/ Frame 8475
Redirect Chain
  • https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4
  • https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&verify=true
  • https://ups.analytics.yahoo.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&apid=UPb2aea9d3-8804-11eb-9032-029e8c18f6c2
0
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&apid=UPb2aea9d3-8804-11eb-9032-029e8c18f6c2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55981/sync?_origin=1&gdpr=0&uid=507cfb7d-c9ba-099e-2b36-d39c59b86cc4&apid=UPb2aea9d3-8804-11eb-9032-029e8c18f6c2
date
Thu, 18 Mar 2021 16:12:12 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 8475
Redirect Chain
  • https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff
  • https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff&dnr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:11 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=76&3pid=1256a634-fb64-09da-3fad-a430b6aaa7ff&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
um
sync.teads.tv/ Frame 8475
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid=
  • https://sync.teads.tv/um?eid=64&uid=cbc222c9-f75d-088d-0963-2deac75e589b
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=64&uid=cbc222c9-f75d-088d-0963-2deac75e589b
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-12.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 18 Mar 2021 16:12:12 GMT
server
akka-http/10.1.9
content-length
23
content-type
image/gif

Redirect headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.teads.tv/um?eid=64&uid=cbc222c9-f75d-088d-0963-2deac75e589b
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
syncframe
gum.criteo.com/ Frame 70F0 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1680
date
Thu, 18 Mar 2021 16:12:12 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3937 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:12 GMT
async_usersync
ib.adnxs.com/ Frame 6C09 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.45:80
AN-X-Request-Uuid
ee4a341e-2d94-47d7-a9ac-47b9df3f178c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 0536 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
20136bbe7fbecb855c83c436d35cba9899a13379cf6c7f92900d28b2136b8827

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA; CMPRO=1113; CMST=YFN722BTe9wA; CMRUM3=5a60537bdc05a0&c460537bdc05a0&c360537bdb05a00&2760537bdb0b40&0a60537bdc27600&bc60537bdc05a00&9c60537bdc05a00&1f60537bdb05a00&dd60537bdb27600&bf60537bdc05a0&4160537bdc05a0&2d60537bdb05a0&f160537bdb05a00&e660537bdb27600&6f60537bdc05a0&3360537bdc05a0&4060537bdc05a0&2f60537bdc05a0&2e60537bdc05a0&5860537bdc05a0&0460537bdb05a0&5160537bdc05a0&8260537bdca8c0&da60537bdc27600&b060537bdc05a00&0360537bdb05a0&2860537bdc05a00&0d60537bdb05a0&2960537bdc05a00&ef60537bdb05a00&9860537bdc05a00&3960537bdc05a0&0560537bdc05a0&6960537bdc05a0&4960537bdb05a00&be60537bdc05a0&ce60537bdc05a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
109|8|46|105|3|88|45|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1671
Expires
Thu, 18 Mar 2021 16:12:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMRUM3=5860537bdc05a0&5160537bdc05a0&0460537bdb05a0&da60537bdc27600&8260537bdca8c0&0360537bdc05a0&b060537bdc05a00&2960537bdc05a00&2860537bdc05a00&0d60537bdc05a0&ef60537bdb05a00&9860537bdc05a00&0860537bdc05a00&0560537bdc05a0&6960537bdc05a0&3960537bdc05a0&4960537bdb05a00&be60537bdc05a0&ce60537bdc05a00&c460537bdc05a0&5a60537bdc05a0&c360537bdb05a00&2760537bdb0b40&1f60537bdb05a00&9c60537bdc05a00&bc60537bdc05a00&0a60537bdc27600&dd60537bdb27600&2d60537bdc05a0&bf60537bdc05a0&4160537bdc05a0&f160537bdb05a00&6f60537bdc05a0&e660537bdb27600&6d60537bdc05a0&3360537bdc05a0&2e60537bdc05a0&2f60537bdc05a0&4060537bdc05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT
async_usersync
ib.adnxs.com/ Frame 6EBA 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.185:80
AN-X-Request-Uuid
2e3905ff-a7e6-40d0-ba03-61305dc90d78
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSyncOpenX
rtb.adentifi.com/ Frame DD21 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.116.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
/
csync.loopme.me/ Frame DD21 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1285&vt=9b1954a4-b700-0752-251a-19e67ebc009f&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
116.202.172.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.172.202.116.clients.your-server.de
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
server
_
usync.js
eus.rubiconproject.com/ Frame E9B2 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60261
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
syncframe
gum.criteo.com/ Frame 0133 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1604
date
Thu, 18 Mar 2021 16:12:11 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame CBD6 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:12 GMT
syncframe
gum.criteo.com/ Frame A7CB 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1442
date
Thu, 18 Mar 2021 16:12:12 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B264 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:12 GMT
syncframe
gum.criteo.com/ Frame 42F5 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1644
date
Thu, 18 Mar 2021 16:12:11 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 7693 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:12 GMT
async_usersync
ib.adnxs.com/ Frame FBAA 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.81:80
AN-X-Request-Uuid
90225c13-ddd6-44d4-a4a4-16a7aa369d4b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5D8D 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
46337170fd1b6e71c5602ad9d69f0d6df2cc4956ec95b08e9a660da3b9e24471

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA; CMPRO=1113; CMST=YFN722BTe9wA; CMRUM3=5860537bdc05a0&5160537bdc05a0&0460537bdb05a0&da60537bdc27600&8260537bdca8c0&0360537bdc05a0&b060537bdc05a00&2960537bdc05a00&2860537bdc05a00&0d60537bdc05a0&ef60537bdb05a00&9860537bdc05a00&0860537bdc05a00&0560537bdc05a0&6960537bdc05a0&3960537bdc05a0&4960537bdb05a00&be60537bdc05a0&ce60537bdc05a00&c460537bdc05a0&5a60537bdc05a0&c360537bdb05a00&2760537bdb0b40&1f60537bdb05a00&9c60537bdc05a00&bc60537bdc05a00&0a60537bdc27600&dd60537bdb27600&2d60537bdc05a0&bf60537bdc05a0&4160537bdc05a0&f160537bdb05a00&6f60537bdc05a0&e660537bdb27600&6d60537bdc05a0&3360537bdc05a0&2e60537bdc05a0&2f60537bdc05a0&4060537bdc05a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
57|105|5|65|46|47|81|39
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1418
Expires
Thu, 18 Mar 2021 16:12:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMRUM3=c360537bdb05a00&5a60537bdc05a0&c460537bdc05a0&2760537bdc0b40&2d60537bdc05a0&bf60537bdc05a0&4160537bdc05a0&f160537bdb05a00&e660537bdb27600&6f60537bdc05a0&9c60537bdc05a00&1f60537bdb05a00&bc60537bdc05a00&0a60537bdc27600&dd60537bdb27600&2e60537bdc05a0&2f60537bdc05a0&4060537bdc05a0&6d60537bdc05a0&3360537bdc05a0&da60537bdc27600&8260537bdca8c0&0360537bdc05a0&b060537bdc05a00&5860537bdc05a0&5160537bdc05a0&0460537bdb05a0&2960537bdc05a00&0d60537bdc05a0&2860537bdc05a00&0860537bdc05a00&6960537bdc05a0&0560537bdc05a0&3960537bdc05a0&ef60537bdb05a00&9860537bdc05a00&ce60537bdc05a00&4960537bdb05a00&be60537bdc05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT
syncframe
gum.criteo.com/ Frame 291F 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1632
date
Thu, 18 Mar 2021 16:12:11 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B5AF 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:12 GMT
syncframe
gum.criteo.com/ Frame F281 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1833
date
Thu, 18 Mar 2021 16:12:12 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 80AE 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:12 GMT
usync.js
eus.rubiconproject.com/ Frame 6777 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60261
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Fri, 19 Mar 2021 08:56:33 GMT
syncframe
gum.criteo.com/ Frame DB20 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1436
date
Thu, 18 Mar 2021 16:12:11 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame FC91 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:12 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 0C1D 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 18 Mar 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1141
date
Thu, 18 Mar 2021 16:12:12 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 4E9D
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5054081296408971009
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5054081296408971009
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1618617600%3A203%7C1616630400%3A223_2_67_15%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A204_71_56_166_88_54_161_81_55_78_220_3_189_7_222_165_21_22_176_5_104_8_13
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:11 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-5054081296408971009; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:11 GMT; path=/ PugT=1616083931; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:11 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:11 GMT; path=/
X-lat
amspug016:0:398
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5054081296408971009
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 7BA6
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACNgU7ApvgAABDqtGVPVA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=1&userid=48109513688616035
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACNgU7ApvgAABDqtGVPVA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D48109513688616035%26bee_sync_partners%3Dpm%26bee_sync_c...
  • https://match.prod.bidr.io/cookie-sync?userid=48109513688616035&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=2&ev=AACNgU7ApvgAABDqtGVPVA&pid=558502&do=add
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNgU7ApvgAABDqtGVPVA
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNgU7ApvgAABDqtGVPVA
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864; SPugT=1616083933; DPSync3=1617235200%3A201_227_226_221_219_197%7C1616112000%3A174; SyncRTB3=1621209600%3A69%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A166_161_56_81_22_5_13_204_71_78_189_7_222_104_55_21_99_57_88_176_220_3_54_8_165%7C1618617600%3A203%7C1616630400%3A2_223_67_15; chkChromeAb67Sec=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:14 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:14 GMT; path=/ PugT=1616083934; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:14 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:14 GMT; path=/
X-lat
amspug012:0:370
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Thu, 18 Mar 2021 16:12:15 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNgU7ApvgAABDqtGVPVA
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 1226
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027635553695893
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027635553695893
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1618617600%3A203%7C1616630400%3A223_2_67_15%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A204_71_56_166_88_54_161_81_55_78_220_3_189_7_222_165_21_22_176_5_104_8_13
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:13 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6941027635553695893; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:13 GMT; path=/ PugT=1616083933; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:13 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:13 GMT; path=/
X-lat
lhrpug011:0:564
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:12 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6941027635553695893; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027635553695893
bridge
cm.adgrx.com/ Frame B528 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 18 Mar 2021 16:12:12 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 4464
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=AHEkt253nW7jaCcqrhRlWfiM
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=AHEkt253nW7jaCcqrhRlWfiM
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1618617600%3A203%7C1616630400%3A223_2_67_15%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A204_71_56_166_88_54_161_81_55_78_220_3_189_7_222_165_21_22_176_5_104_8_13
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:11 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:11 GMT; path=/ PugT=1616083931; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:11 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:11 GMT; path=/
X-lat
amspug007:0:408
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 18 Mar 2021 16:12:12 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=AHEkt253nW7jaCcqrhRlWfiM
strict-transport-security
max-age=0; includeSubDomains;
i.match
s.tribalfusion.com/z/ Frame 8B03
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=ahnoeUm5abnAyuoEVMoxgB4GYQUtXVYdBN1ZdP4ip
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 18 Mar 2021 16:12:13 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=dabf06c18ec27939a7345754a9ee9167b1616083932; expires=Sat, 17-Apr-21 16:12:12 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aYnsIHyKalGobWm8ZbRiFgmbGQTq3fZcTx7iZdVYLVE53as5D2qd7VUPGNk8BLafN1gr4f5ZcsJT79lVYowUMBMtApWQ; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:13 GMT; SameSite=None; Secure; ANON_ID_old=aYnsIHyKalGobWm8ZbRiFgmbGQTq3fZcTx7iZdVYLVE53as5D2qd7VUPGNk8BLafN1gr4f5ZcsJT79lVYowUMBMtApWQ; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:13 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08e7b4eeee00003248b421c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631fbdc4ab6b3248-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-type
text/html
set-cookie
__cfduid=dabf06c18ec27939a7345754a9ee9167b1616083932; expires=Sat, 17-Apr-21 16:12:12 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=ahnoeUm5abnAyuoEVMoxgB4GYQUtXVYdBN1ZdP4ip; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:12 GMT; SameSite=None; Secure; ANON_ID_old=ahnoeUm5abnAyuoEVMoxgB4GYQUtXVYdBN1ZdP4ip; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:12 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
4174
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
08e7b4ee3500003248fe820000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631fbdc38a533248-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 43B7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=hOtmb40VcEcI&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=hOtmb40VcEcI&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864; SPugT=1616083933; DPSync3=1617235200%3A201_227_226_221_219_197%7C1616112000%3A174; SyncRTB3=1621209600%3A69%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A166_161_56_81_22_5_13_204_71_78_189_7_222_104_55_21_99_57_88_176_220_3_54_8_165%7C1618617600%3A203%7C1616630400%3A2_223_67_15; chkChromeAb67Sec=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:15 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:15 GMT; path=/
X-lat
lhrpug002:0:731
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-568ff9c7d-4lglg
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=hOtmb40VcEcI;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 13-Mar-2022 16:12:15 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=eb32ca08efd1d428; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=hOtmb40VcEcI&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 1960
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b61732e-1fd5-4c4c-9904-0a6a033c5593-tuct74d015c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b61732e-1fd5-4c4c-9904-0a6a033c5593-tuct74d015c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b61732e-1fd5-4c4c-9904-0a6a033c5593-tuct74d015c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=7b61732e-1fd5-4c4c-9904-0a6a033c5593-tuct74d015c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 18 Mar 2021 16:12:17 GMT
via
1.1 varnish
x-served-by
cache-fra19132-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1616083938.544509,VS0,VE10
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=7b61732e-1fd5-4c4c-9904-0a6a033c5593-tuct74d015c;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 18-Mar-2022 16:12:12 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b61732e-1fd5-4c4c-9904-0a6a033c5593-tuct74d015c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 varnish
x-served-by
cache-hhn11563-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1616083933.775647,VS0,VE75
x-vcl-time-ms
75
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 304E
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1616083933945; TapAd_DID=b39ade93-8804-11eb-affc-1aec34be1802
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 18 Mar 2021 16:12:14 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Thu, 18 Mar 2021 16:12:13 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1616083933945;Expires=Mon, 17 May 2021 16:12:13 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=b39ade93-8804-11eb-affc-1aec34be1802;Expires=Mon, 17 May 2021 16:12:13 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 7314
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:cjRQy0iI1LmVfR5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:cjRQy0iI1LmVfR5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=90400714&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1618617600%3A203%7C1616630400%3A223_2_67_15%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A204_71_56_166_88_54_161_81_55_78_220_3_189_7_222_165_21_22_176_5_104_8_13
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:13 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:13 GMT; path=/ PugT=1616083933; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:13 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:13 GMT; path=/
X-lat
lhrpug016:0:500
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Thu, 18 Mar 2021 16:12:12 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:cjRQy0iI1LmVfR5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-05a1c1cf6bbf9fe9a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=cjRQy0iI1LmVfR5; Domain=.w55c.net; Expires=Mon, 18-Apr-2022 16:12:12 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 17-Apr-2021 16:12:12 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DFD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=h-2hdjzgRmKjzB9ur-eo7g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=149113
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sat, 20 Mar 2021 09:37:28 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame DFD1 		95 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
631fbdc34b4fc2d1-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08e7b4ee0f0000c2d18d2ba000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame DFD1
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:11 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:10 GMT
frontend-id
4
location
/pubmatic/1/info2?sType=sync&sExtCookieId=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:13 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 18 Mar 2021 16:12:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODdFREExNzYtM0NFMC00NjYyLUEzQ0MtMUY2RUFGRTdBOEVF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:11 GMT
X-lat
amspug015:0:348
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKrlari2-FEWbBEW_Od5Y4c&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKrlari2-FEWbBEW_Od5Y4c&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:11 GMT
X-lat
amspug007:0:520
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKrlari2-FEWbBEW_Od5Y4c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame DFD1 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 17 Mar 2021 16:12:12 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e93f2ab4-8f68-4846-a257-51533e3b21af
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e93f2ab4-8f68-4846-a257-51533e3b21af
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
X-lat
lhrpug003:0:435
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e93f2ab4-8f68-4846-a257-51533e3b21af
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5555003135749739312
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5555003135749739312
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
X-lat
lhrpug009:0:543
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5555003135749739312
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e0916053-7bd9-4c00-9fd3-a60057a08047&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e0916053-7bd9-4c00-9fd3-a60057a08047&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
X-lat
lhrpug010:0:476
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 18 Mar 2021 16:13:14 GMT
Server
MT3 3611 f10363c master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e0916053-7bd9-4c00-9fd3-a60057a08047&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 16:13:13 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=91258967075929366&gdpr=0&gdpr_consent=
42 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=91258967075929366&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:11 GMT
X-lat
amspug001:0:374
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.52:80
AN-X-Request-Uuid
16adaa07-2c5c-43af-ad26-2cdcb196637b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=91258967075929366&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bsw_sync
ads.creative-serving.com/ Frame DFD1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d888dd76-2b89-4411-a7f1-d6c4295fd83b
0
0
87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DFD1 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-m7H6R9tE2uX9D6JwvkyivZEY1cNY9bs-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-m7H6R9tE2uX9D6JwvkyivZEY1cNY9bs-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-m7H6R9tE2uX9D6JwvkyivZEY1cNY9bs-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:11 GMT
X-lat
amspug008:0:377
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN72gAAAKFexizr&gdpr=0&gdpr_consent=
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN72gAAAKFexizr&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
X-lat
lhrpug011:0:445
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616083933.726479,VS0,VE0
x-served-by
cache-hhn4065-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN72gAAAKFexizr&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4444592662612151145&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4444592662612151145&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:13 GMT
X-lat
lhrpug001:0:422
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4444592662612151145&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9c8ba1d4-32c9-4fb5-8a5c-6ab703d0f8c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9c8ba1d4-32c9-4fb5-8a5c-6ab703d0f8c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
X-lat
lhrpug008:0:349
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9c8ba1d4-32c9-4fb5-8a5c-6ab703d0f8c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:11 GMT
X-lat
amspug020:0:292
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame DFD1 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4405628821684773312
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4405628821684773312
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
lhrpug003:0:261
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid
28d33ba7-fa4f-4e7d-8287-bcb45f640f09
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4405628821684773312
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
X-lat
lhrpug011:0:515
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864
date
Thu, 18 Mar 2021 16:12:14 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame DFD1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b2d0d868-8804-11eb-ade0-a91a1c6afdd8&gdpr=0&gdpr_consent=
1 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b2d0d868-8804-11eb-ade0-a91a1c6afdd8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
lhrpug001:0:493
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b2d0d868-8804-11eb-ade0-a91a1c6afdd8&gdpr=0&gdpr_consent=
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
b51d120e-8804-11eb-92b2-e769122b3ea0
usync.js
eus.rubiconproject.com/ Frame 215C 		0
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 78CD 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81f06f444a4116798aa537ffbcd7f573f34fbb736404d8a457bd7784b7ad97d6

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3202; CMID=YFN722IBF1OtO6t6XkyggQAA; CMPRO=1113; CMST=YFN722BTe9wA; CMRUM3=c360537bdb05a00&5a60537bdc05a0&c460537bdc05a0&2760537bdc0b40&2d60537bdc05a0&bf60537bdc05a0&4160537bdc05a0&f160537bdb05a00&e660537bdb27600&6f60537bdc05a0&9c60537bdc05a00&1f60537bdb05a00&bc60537bdc05a00&0a60537bdc27600&dd60537bdb27600&2e60537bdc05a0&2f60537bdc05a0&4060537bdc05a0&6d60537bdc05a0&3360537bdc05a0&da60537bdc27600&8260537bdca8c0&0360537bdc05a0&b060537bdc05a00&5860537bdc05a0&5160537bdc05a0&0460537bdb05a0&2960537bdc05a00&0d60537bdc05a0&2860537bdc05a00&0860537bdc05a00&6960537bdc05a0&0560537bdc05a0&3960537bdc05a0&ef60537bdb05a00&9860537bdc05a00&ce60537bdc05a00&4960537bdb05a00&be60537bdc05a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
81|191|51|47|130|65|190|64
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1379
Expires
Thu, 18 Mar 2021 16:12:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YFN722IBF1OtO6t6XkyggQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMPRO=1113;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Jun 2021 16:12:12 GMT CMRUM3=2960537bdc05a00&0d60537bdc05a0&2860537bdc05a00&5160537bdc05a0&0460537bdb05a0&5860537bdc05a0&0360537bdc05a0&b060537bdc05a00&da60537bdc27600&8260537bdca8c0&be60537bdc05a0&4960537bdb05a00&ce60537bdc05a00&9860537bdc05a00&ef60537bdb05a00&3960537bdc05a0&0560537bdc05a0&6960537bdc05a0&0860537bdc05a00&2760537bdc0b40&5a60537bdc05a0&c460537bdc05a0&c360537bdb05a00&3360537bdc05a0&6d60537bdc05a0&2e60537bdc05a0&4060537bdc05a0&2f60537bdc05a0&dd60537bdb27600&bc60537bdc05a00&1f60537bdb05a00&9c60537bdc05a00&0a60537bdc27600&6f60537bdc05a0&e660537bdb27600&f160537bdb05a00&2d60537bdc05a0&bf60537bdc05a0&4160537bdc05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Mar 2022 16:12:12 GMT
async_usersync
ib.adnxs.com/ Frame 6071 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.148:80
AN-X-Request-Uuid
a63b8f71-b871-4582-a799-dc0a7ccf657e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AF7F 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:12 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.237:80
AN-X-Request-Uuid
39ed7e69-598a-4278-a962-dd9708178ae6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 60B2 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.37:80
AN-X-Request-Uuid
727162eb-78f5-4e32-abd4-e4bb2feaaf4f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
syncframe
gum.criteo.com/ Frame C364 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.kufar.by
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.kufar.by
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hintfly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hintfly.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1186
date
Thu, 18 Mar 2021 16:12:12 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame FBEF 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://hintfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 19 Mar 2021 16:12:12 GMT
async_usersync
ib.adnxs.com/ Frame 128B 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.72:80
AN-X-Request-Uuid
c205ad5e-47e6-4d5c-8095-07d6b6690fe9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 92C9 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid
8694d6c7-f5f9-4293-85d6-0523aedd75c8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6FE1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YFN722IBF1OtO6t6XkyggQAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.224.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-224-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6FE1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFN722IBF1OtO6t6XkyggQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6FE1 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 6FE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFN722IBF1OtO6t6XkyggQAABFkAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMr1AM-3llxmoJVNNj_ctNU&google_cver=1
0
0
indexexchange
sync.adotmob.com/cookie/ Frame 6FE1 		0
0
crum
dsum-sec.casalemedia.com/ Frame 6FE1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A879CDB586B94BEAAC102537876D4153
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A879CDB586B94BEAAC102537876D4153
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:16 GMT

Redirect headers

date
Thu, 18 Mar 2021 16:12:13 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A879CDB586B94BEAAC102537876D4153
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 17 Mar 2021 16:12:13 GMT
113
match.deepintent.com/usersync/ Frame 6FE1 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:13 GMT
content-length
0
server
a
cookiesync
bttrack.com/pixel/ Frame 6FE1 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:04 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6FE1 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
crum
dsum-sec.casalemedia.com/ Frame 5E7F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFN722IBF1OtO6t6XkyggQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5E7F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFN722IBF1OtO6t6XkyggQAABFkAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMr1AM-3llxmoJVNNj_ctNU&google_cver=1
0
0
dcm
s.amazon-adsystem.com/ Frame 5E7F 		0
0
casale
match.adsrvr.org/track/cmf/ Frame 5E7F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YFN722IBF1OtO6t6XkyggQAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.224.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-224-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cc
px.owneriq.net/eucm/p/ Frame 5E7F 		0
0
tpid=YFN722IBF1OtO6t6XkyggQAA%261113
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 5E7F 		0
0
crum
dsum-sec.casalemedia.com/ Frame 5E7F
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-78e72161-0500-453d-9b7c-a74f2082b720
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-78e72161-0500-453d-9b7c-a74f2082b720
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-78e72161-0500-453d-9b7c-a74f2082b720
date
Thu, 18 Mar 2021 16:12:14 GMT
server
Apache-Coyote/1.1
content-length
0
rum
dsum.casalemedia.com/ Frame 5E7F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b&gdpr=&gdpr_consent=
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b&gdpr=&gdpr_consent=&av_tc=true
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=8bd8a3e6-f9a9-49fe-b52b-53cf08044133&expires=2&ssp=index&bsw_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=d888dd76-2b89-4411-a7f1-d6c4295fd83b
43 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=d888dd76-2b89-4411-a7f1-d6c4295fd83b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:18 GMT

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=d888dd76-2b89-4411-a7f1-d6c4295fd83b
date
Thu, 18 Mar 2021 16:12:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5E7F 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
/
onetag-sys.com/usync/ Frame EB74 		0
0
async_usersync
ib.adnxs.com/ Frame B358 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.164:80
AN-X-Request-Uuid
d1bb9e20-ebed-486a-885a-063ac621e0f8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5A8C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:16 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.6:80
AN-X-Request-Uuid
f37302cb-9bb6-4662-a3cb-905879a64609
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YFN722IBF1OtO6t6XkyggQAABFkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5A8C 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YFN722IBF1OtO6t6XkyggQAABFkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5A8C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:16 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616083933.261544,VS0,VE0
x-served-by
cache-hhn4065-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 5A8C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:16 GMT

Redirect headers

Date
Thu, 18 Mar 2021 16:13:14 GMT
Server
MT3 3611 f10363c master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 16:13:13 GMT
crum
dsum-sec.casalemedia.com/ Frame 5A8C
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f33dc6e2-822f-42a5-8705-2e3779ed5dc7
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f33dc6e2-822f-42a5-8705-2e3779ed5dc7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f33dc6e2-822f-42a5-8705-2e3779ed5dc7
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5A8C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=zyAC3M5yU43UJATZnSIaiZslA47UJFPXnHY14dkA
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=zyAC3M5yU43UJATZnSIaiZslA47UJFPXnHY14dkA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:16 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=zyAC3M5yU43UJATZnSIaiZslA47UJFPXnHY14dkA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
us.php
gu.dyntrk.com/adx/ie/ Frame 5A8C 		0
0
ping_match.gif
pm.w55c.net/ Frame 5A8C 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5A8C 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
YFN722IBF1OtO6t6XkyggQAABFkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BB54 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YFN722IBF1OtO6t6XkyggQAABFkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BB54
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:16 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid
39ce703e-50a5-46f2-8bb9-05c54716a437
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BB54
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4444592662612151145
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4444592662612151145
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:16 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4444592662612151145
pragma
no-cache
date
Thu, 18 Mar 2021 16:12:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame BB54
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:16 GMT

Redirect headers

Date
Thu, 18 Mar 2021 16:13:14 GMT
Server
MT3 3611 f10363c master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 16:13:13 GMT
user-registering
ads.stickyadstv.com/ Frame BB54 		0
0
crum
dsum-sec.casalemedia.com/ Frame BB54
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
indexexchange
sync.adotmob.com/cookie/ Frame BB54 		0
0
us.php
gu.dyntrk.com/adx/ie/ Frame BB54 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame BB54 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
async_usersync
ib.adnxs.com/ Frame 8FED 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.42:80
AN-X-Request-Uuid
e8305c14-d6c7-4754-89a0-482c936dd0aa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5F1E 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.17:80
AN-X-Request-Uuid
229943ea-8b97-4761-be7f-9385ffed7f8c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YFN722IBF1OtO6t6XkyggQAABFkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E19C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YFN722IBF1OtO6t6XkyggQAABFkAAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YFN722IBF1OtO6t6XkyggQAABFkAAAAB
43 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YFN722IBF1OtO6t6XkyggQAABFkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YFN722IBF1OtO6t6XkyggQAABFkAAAAB
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame E19C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:16 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616083933.374130,VS0,VE0
x-served-by
cache-hhn4065-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame E19C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:16 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum.casalemedia.com/ Frame E19C
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:13 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame E19C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid
899f64d1-5de4-4fa9-aa41-768369ecfbf3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ix
ad4m.at/ad/sim/ Frame E19C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c01b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame E19C
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E19C 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame E285
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.167.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a5e3f4726bb9f11c7ac21b8792fb6d21d1c4a69714081edb2d24e097cf1a4b13

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=3e5701d7-a956-42a7-9452-5425a549a0ae
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Thu, 18 Mar 2021 16:12:14 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Thu, 18 Mar 2021 16:12:14 GMT
pragma
no-cache

Redirect headers

date
Thu, 18 Mar 2021 16:12:13 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=3e5701d7-a956-42a7-9452-5425a549a0ae; Path=/; Domain=eqads.com; Expires=Fri, 18 Jun 2021 16:12:13 GMT; Secure; SameSite=None
crum
dsum-sec.casalemedia.com/ Frame 061C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5555003135749739312&expiration=1617293535
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5555003135749739312&expiration=1617293535
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:15 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5555003135749739312&expiration=1617293535
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 061C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

date
Thu, 18 Mar 2021 16:12:17 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
alt-svc
clear
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 061C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A879CDB586B94BEAAC102537876D4153
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A879CDB586B94BEAAC102537876D4153
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

date
Thu, 18 Mar 2021 16:12:15 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A879CDB586B94BEAAC102537876D4153
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 17 Mar 2021 16:12:15 GMT
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 061C 		35 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum.casalemedia.com/ Frame 061C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=da1244c6-5329-4292-a57d-091aba70b624&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
43 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:19 GMT

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
date
Thu, 18 Mar 2021 16:12:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookiesync
bttrack.com/pixel/ Frame 061C 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:04 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
index
dmp.brand-display.com/cm/api/ Frame 061C 		0
0
crum
dsum-sec.casalemedia.com/ Frame 061C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 061C 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
bridge
cm.adgrx.com/ Frame FEE4 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-4
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
113
match.deepintent.com/usersync/ Frame FEE4 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:14 GMT
content-length
0
server
a
ssp
d.adroll.com/cm/index/ Frame FEE4 		0
0
ping_match.gif
pm.w55c.net/ Frame FEE4 		0
0
ix.gif
beacon.lynx.cognitivlabs.com/ Frame FEE4 		0
0
rum
dsum.casalemedia.com/ Frame FEE4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d726480e-6421-4902-85fe-b088faf90742&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
43 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:19 GMT

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
date
Thu, 18 Mar 2021 16:12:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
crum
dsum.casalemedia.com/ Frame FEE4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:13 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.47:80
AN-X-Request-Uuid
5db77fa1-cef7-49e0-9940-bfcb007badd1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FEE4
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame FEE4 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
async_usersync
ib.adnxs.com/ Frame E207 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid
9737b91e-3ad4-428d-8fd4-08344fd3de80
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bridge
cm.adgrx.com/ Frame B616 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-4
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
ssp
d.adroll.com/cm/index/ Frame B616 		0
0
113
match.deepintent.com/usersync/ Frame B616 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:13 GMT
content-length
0
server
a
ping_match.gif
pm.w55c.net/ Frame B616 		0
0
rum
dsum.casalemedia.com/ Frame B616
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:13 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
index
dmp.brand-display.com/cm/api/ Frame B616 		0
0
crum
dsum-sec.casalemedia.com/ Frame B616
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.php
gu.dyntrk.com/adx/ie/ Frame B616 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B616 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
CookieIndex
rtb.adentifi.com/ Frame AF8C 		0
0
tum
ums.acuityplatform.com/ Frame AF8C 		0
0
crum
dsum-sec.casalemedia.com/ Frame AF8C
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b722e6a4-921b-49ec-a069-74d47becaee7
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b722e6a4-921b-49ec-a069-74d47becaee7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b722e6a4-921b-49ec-a069-74d47becaee7
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame AF8C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YFN722IBF1OtO6t6XkyggQAA%261113
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YFN722IBF1OtO6t6XkyggQAA%261113
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.120.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-120-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-04ff01337.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
rWnJn5ptTHU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
36jsc8xAQVU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YFN722IBF1OtO6t6XkyggQAA%261113
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame AF8C 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AF8C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

date
Thu, 18 Mar 2021 16:12:17 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
alt-svc
clear
content-length
0
crum
dsum-sec.casalemedia.com/ Frame AF8C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.170:80
AN-X-Request-Uuid
670cab50-81e7-4a01-b911-4e37994f0455
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum.casalemedia.com/ Frame AF8C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:13 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid
fd8092c3-68df-496c-b500-c208887683e6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame AF8C 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
cm
cm.ctnsnet.com/int/ Frame 0536 		0
0
ix.gif
beacon.lynx.cognitivlabs.com/ Frame 0536 		0
0
crum
dsum-sec.casalemedia.com/ Frame 0536
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid
052a19de-bff7-4223-b0d2-ce101bc5fa59
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ssp
d.adroll.com/cm/index/ Frame 0536 		0
0
crum
dsum-sec.casalemedia.com/ Frame 0536
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047&C=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:18 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e0916053-7bd9-4c00-9fd3-a60057a08047&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
299
Expires
Thu, 18 Mar 2021 16:12:18 GMT
rum
dsum-sec.casalemedia.com/ Frame 0536
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:16 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616083933.444563,VS0,VE0
x-served-by
cache-hhn4065-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFN72gAAAKFexizr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 0536
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFN722IBF1OtO6t6XkyggQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEELftJUxiGdbzABItgwR734&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
indexexchange
sync.adotmob.com/cookie/ Frame 0536 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0536 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
crum
dsum-sec.casalemedia.com/ Frame 5D8D
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819618262150154
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ssp
d.adroll.com/cm/index/ Frame 5D8D 		0
0
ix
ad4m.at/ad/sim/ Frame 5D8D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c01b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum.casalemedia.com/ Frame 5D8D
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:13 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 5D8D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.10:80
AN-X-Request-Uuid
1a7738de-79a5-48c8-8f5f-af405b806c5c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=91258967075929366
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ping_match.gif
pm.w55c.net/ Frame 5D8D 		0
0
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 5D8D 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5D8D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YFN722IBF1OtO6t6XkyggQAA&cm_dsp_id=39
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.224.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-224-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5D8D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 78CD 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame 78CD 		0
0
rum
dsum.casalemedia.com/ Frame 78CD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b&gdpr=&gdpr_consent=
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b&gdpr=&gdpr_consent=&av_tc=true
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=eb2138ab-860d-4836-948b-f967345ab3e3&expires=2&ssp=index&bsw_param=d888dd76-2b89-4411-a7f1-d6c4295fd83b
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:19 GMT

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=226d76ac-1ba4-4955-bfd0-dfaba00c83be
date
Thu, 18 Mar 2021 16:12:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ping_match.gif
pm.w55c.net/ Frame 78CD 		0
0
crum
dsum-sec.casalemedia.com/ Frame 78CD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNgU7ApvgAABDqtGVPVA&expiration=1617293533
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum.casalemedia.com/ Frame 78CD
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:13 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616170333
pragma
no-cache
date
Thu, 18 Mar 2021 16:12:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum.casalemedia.com/ Frame 78CD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:13 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.81:80
AN-X-Request-Uuid
35672bf2-45b5-47b6-b2f8-43b786be00a2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=91258967075929366
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 78CD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT

Redirect headers

date
Thu, 18 Mar 2021 16:12:17 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348&expiration=1618675937
alt-svc
clear
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 78CD 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFN722IBF1OtO6t6XkyggQAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hintfly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3545
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 17:11:19 GMT
async_usersync
ib.adnxs.com/ Frame 6C09 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.82:80
AN-X-Request-Uuid
3cd2f6f6-7840-4d4f-96f7-69bbcad236d6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6EBA 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.75:80
AN-X-Request-Uuid
2fab887b-e623-45e8-bdb0-0451d881f47f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FBAA 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:14 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.7:80
AN-X-Request-Uuid
23ce0b1b-7320-4953-9afe-5c90566555fb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6071 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:14 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid
27e95ff2-e3fd-40d9-9893-ab8141324a95
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E285 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3e5701d7-a956-42a7-9452-5425a549a0ae&expiration=1624032734
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Mar 2021 16:12:17 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame AF0D 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1618617600%3A203%7C1616630400%3A223_2_67_15%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A204_71_56_166_88_54_161_81_55_78_220_3_189_7_222_165_21_22_176_5_104_8_13; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143902
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:14 GMT
Connection
keep-alive
Vary
Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame DFD1 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:13 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2D7E 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1618617600%3A203%7C1616630400%3A223_2_67_15%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A204_71_56_166_88_54_161_81_55_78_220_3_189_7_222_165_21_22_176_5_104_8_13; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; repi=1; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143902
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:14 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5BC0 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1618617600%3A203%7C1616630400%3A223_2_67_15%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A204_71_56_166_88_54_161_81_55_78_220_3_189_7_222_165_21_22_176_5_104_8_13; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; repi=1; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143901
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3F1A 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1618617600%3A203%7C1616630400%3A223_2_67_15%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A204_71_56_166_88_54_161_81_55_78_220_3_189_7_222_165_21_22_176_5_104_8_13; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; repi=1; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143901
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0BB6 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1618617600%3A203%7C1616630400%3A223_2_67_15%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A204_71_56_166_88_54_161_81_55_78_220_3_189_7_222_165_21_22_176_5_104_8_13; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; repi=1; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864; SPugT=1616083933
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143901
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame AF0D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=50409426&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6bd232f13f1157f2d403a2c6a4828bc1df2ab97cf566469ea90ec846cff1a110

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
1564
Content-Type
text/html; charset=UTF-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7E1F 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1618617600%3A203%7C1616630400%3A223_2_67_15%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A204_71_56_166_88_54_161_81_55_78_220_3_189_7_222_165_21_22_176_5_104_8_13; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864; SPugT=1616083933; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143901
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 0BB6 		47 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=65894296&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:15 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
47
Content-Type
text/html; charset=UTF-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8170 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864; SPugT=1616083933; chkChromeAb67Sec=2; DPSync3=1617235200%3A201_227_226_221_219_197%7C1616112000%3A174; SyncRTB3=1621209600%3A69%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A166_161_56_81_22_5_13_204_71_78_189_7_222_104_55_21_99_57_88_176_220_3_54_8_165%7C1618617600%3A203%7C1616630400%3A2_223_67_15; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143901
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
match
c1.adform.net/serving/cookie/ Frame 6874 		35 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=50409426&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=5555003135749739312
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 18 Mar 2021 16:12:15 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5555003135749739312; expires=Mon, 17 May 2021 16:12:15 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set RX-3f5b5415-c20f-47c3-9b52-78c61f77ce3f-003
sync.targeting.unrulymedia.com/csync/ Frame B9CD
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7782430588
  • https://sync.1rx.io/usersync/tradedesk/e93f2ab4-8f68-4846-a257-51533e3b21af
  • https://sync.1rx.io/usersync/tradedesk/e93f2ab4-8f68-4846-a257-51533e3b21af?zcc=1&dspret=0&cb=1616083937494
  • https://sync.targeting.unrulymedia.com/csync/RX-3f5b5415-c20f-47c3-9b52-78c61f77ce3f-003
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-3f5b5415-c20f-47c3-9b52-78c61f77ce3f-003
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=50409426&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Host
sync.targeting.unrulymedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Tengine
Date
Thu, 18 Mar 2021 16:12:17 GMT
Content-Length
43
Connection
keep-alive
Set-Cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-3f5b5415-c20f-47c3-9b52-78c61f77ce3f-003%22%7D; path=/; expires=Fri, 18 Mar 2022 16:12:17 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Server
Tengine
Date
Thu, 18 Mar 2021 16:12:17 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, must-revalidate
Expires
0
Pragma
no-cache
Location
https://sync.targeting.unrulymedia.com/csync/RX-3f5b5415-c20f-47c3-9b52-78c61f77ce3f-003
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 9F87
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A879CDB586B94BEAAC102537876D4153
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A879CDB586B94BEAAC102537876D4153
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=50409426&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864; SPugT=1616083933; DPSync3=1617235200%3A201_227_226_221_219_197%7C1616112000%3A174; SyncRTB3=1621209600%3A69%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A166_161_56_81_22_5_13_204_71_78_189_7_222_104_55_21_99_57_88_176_220_3_54_8_165%7C1618617600%3A203%7C1616630400%3A2_223_67_15; chkChromeAb67Sec=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:15 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:15 GMT; path=/
X-lat
lhrpug014:0:369
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
nginx
date
Thu, 18 Mar 2021 16:12:15 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A879CDB586B94BEAAC102537876D4153
expires
Wed, 17 Mar 2021 16:12:15 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
usersync
match.bnmla.com/ Frame DB68 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=50409426&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:15 GMT
Content-Length
0
Connection
keep-alive
mw
mwzeom.zeotap.com/ Frame AF0D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=e93f2ab4-8f68-4846-a257-51533e3b21af&icm
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=e93f2ab4-8f68-4846-a257-51533e3b21af&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=4f565746512aa63d
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7456e28d-35ae-41be-76f5-9af2c1bd0d5a&reqId=314c5515-f60e-4194-5317-e3d8dc6bf6fe&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEA9apX5ZI1QJ1zxfLHCmTh8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7456e28d-35ae-41be-76f5-9af2c1bd0d5a&reqId=314c5515-f60e-4194-5317-e3d...
0
0
SPug
image4.pubmatic.com/AdServer/ Frame AF0D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e0916053-7bd9-4c00-9fd3-a60057a08047
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e0916053-7bd9-4c00-9fd3-a60057a08047
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 18 Mar 2021 16:12:17 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Thu, 18 Mar 2021 16:13:20 GMT
Server
MT3 3611 f10363c master cdg-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e0916053-7bd9-4c00-9fd3-a60057a08047
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 16:13:19 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame E601 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864; SPugT=1616083933; DPSync3=1617235200%3A201_227_226_221_219_197%7C1616112000%3A174; SyncRTB3=1621209600%3A69%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A166_161_56_81_22_5_13_204_71_78_189_7_222_104_55_21_99_57_88_176_220_3_54_8_165%7C1618617600%3A203%7C1616630400%3A2_223_67_15; repi=1; chkChromeAb67Sec=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143901
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame A2C9 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864; SPugT=1616083933; DPSync3=1617235200%3A201_227_226_221_219_197%7C1616112000%3A174; SyncRTB3=1621209600%3A69%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A166_161_56_81_22_5_13_204_71_78_189_7_222_104_55_21_99_57_88_176_220_3_54_8_165%7C1618617600%3A203%7C1616630400%3A2_223_67_15; repi=1; chkChromeAb67Sec=3; pubsyncexp=1616105535477
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143901
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 80E9 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=87EDA176-3CE0-4662-A3CC-1F6EAFE7A8EE; KRTBCOOKIE_409=22966-AHEkt253nW7jaCcqrhRlWfiM&KRTB&23212-AHEkt253nW7jaCcqrhRlWfiM; PUBMDCID=3; KRTBCOOKIE_336=5844-5054081296408971009; KRTBCOOKIE_153=1923-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&19420-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu&KRTB&22979-ggMSpoNRQ_eZBxSj0AEK89YGE_SZB0Ot0VU22nHu; KRTBCOOKIE_80=16514-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&22987-CAESEKrlari2-FEWbBEW_Od5Y4c&KRTB&23025-CAESEKrlari2-FEWbBEW_Od5Y4c; KRTBCOOKIE_57=22776-91258967075929366; KRTBCOOKIE_188=3189-4b98a740-4062-4f31-91ec-8c40c484cb7e-60537bdb-4348; KRTBCOOKIE_699=22727-AACNgU7ApvgAABDqtGVPVA; KRTBCOOKIE_107=1471-uid:cjRQy0iI1LmVfR5; KRTBCOOKIE_1101=23040-6941027635553695893; KRTBCOOKIE_22=14911-4444592662612151145; KRTBCOOKIE_391=22924-5555003135749739312&KRTB&23263-5555003135749739312; PugT=1616083934; KRTBCOOKIE_27=16735-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&16736-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23019-uid:e0916053-7bd9-4c00-9fd3-a60057a08047&KRTB&23114-uid:e0916053-7bd9-4c00-9fd3-a60057a08047; KRTBCOOKIE_218=22978-YFN72gAAAKFexizr&KRTB&23194-YFN72gAAAKFexizr&KRTB&23209-YFN72gAAAKFexizr&KRTB&23244-YFN72gAAAKFexizr; KRTBCOOKIE_377=6810-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&22918-e93f2ab4-8f68-4846-a257-51533e3b21af&KRTB&23031-e93f2ab4-8f68-4846-a257-51533e3b21af; KRTBCOOKIE_1074=22956-e_7983ed6b-ec95-4f43-b7ea-e0ae9e23c864; SPugT=1616083933; DPSync3=1617235200%3A201_227_226_221_219_197%7C1616112000%3A174; SyncRTB3=1621209600%3A69%7C1616889600%3A63%7C1617321600%3A35%7C1617235200%3A166_161_56_81_22_5_13_204_71_78_189_7_222_104_55_21_99_57_88_176_220_3_54_8_165%7C1618617600%3A203%7C1616630400%3A2_223_67_15; repi=1; chkChromeAb67Sec=3; pubsyncexp=1616105535477
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143901
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame B13B 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143901
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 80E9 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e55edce3300899ce9cb3c7da847e265f86a5b5eaab346a1c9ae906ed48cd0535

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPUrxhZuvINHpzQmfx_f3p4&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPUrxhZuvINHpzQmfx_f3p4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
amspug018:0:355
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPUrxhZuvINHpzQmfx_f3p4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 80E9 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 17 Mar 2021 16:12:15 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 21B4 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 18 Mar 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1172
date
Thu, 18 Mar 2021 16:12:18 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e93f2ab4-8f68-4846-a257-51533e3b21af
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e93f2ab4-8f68-4846-a257-51533e3b21af
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:17 GMT
X-lat
lhrpug011:0:386
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e93f2ab4-8f68-4846-a257-51533e3b21af
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame D29F
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8940458915196540459
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8940458915196540459
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=60C97486-3F71-44C3-803B-BCA690ADDAEF; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617321600%3A35%7C1618617600%3A203%7C1616630400%3A15_67_2_223%7C1617235200%3A165_55_88_189_78_5_166_161_22_220_56_104_21_3_7_71_8_81_204_176_54_222_13; SPugT=1616083937; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941027661322254487; KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; KRTBCOOKIE_27=16735-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&16736-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23019-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23114-uid:c6636053-7be2-4800-8611-c00e24425bf4; KRTBCOOKIE_153=1923-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&19420-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&22979-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp; KRTBCOOKIE_80=16514-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&22987-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&23025-CAESEHuWlzgDkqlRegdeXCQOKw8; KRTBCOOKIE_188=3189-bfd97f88-1cf6-4561-b179-feea3ee084fb-60537be2-4348; KRTBCOOKIE_391=22924-942249929745085148&KRTB&23263-942249929745085148; KRTBCOOKIE_57=22776-1506566452629545247; KRTBCOOKIE_377=6810-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&22918-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&23031-5ef29cf6-29f9-4463-8afb-b2731ff2a02b; KRTBCOOKIE_1074=22956-e_e2ca4247-01f4-4e84-88a5-548dabc882c4; KRTBCOOKIE_22=14911-3906840080875431325; KRTBCOOKIE_279=22890-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2&KRTB&23011-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2; PugT=1616083939
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:17 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-8940458915196540459; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:17 GMT; path=/ PugT=1616083937; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:17 GMT; path=/
X-lat
amspug011:0:584
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8940458915196540459
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8935966940086045690
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8935966940086045690
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
lhrpug019:0:506
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8935966940086045690
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c6636053-7be2-4800-8611-c00e24425bf4&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c6636053-7be2-4800-8611-c00e24425bf4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:18 GMT
X-lat
lhrpug017:0:370
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 18 Mar 2021 16:13:20 GMT
Server
MT3 3611 f10363c master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c6636053-7be2-4800-8611-c00e24425bf4&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 16:13:19 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4405628821684773312&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4405628821684773312&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
X-lat
amspug016:0:357
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.232:80
AN-X-Request-Uuid
5a99a17f-bc6f-436e-a31c-c5490c1ec230
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4405628821684773312&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=226d76ac-1ba4-4955-bfd0-dfaba00c83be
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=226d76ac-1ba4-4955-bfd0-dfaba00c83be
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=c0628730-e40e-40ae-87f6-34cd75819ff4&user_group=1&ssp=pubmatic&bsw_param=226d76ac-1ba4-4955-bfd0-dfaba00c83be
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=226d76ac-1ba4-4955-bfd0-dfaba00c83be&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=226d76ac-1ba4-4955-bfd0-dfaba00c83be&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:19 GMT
X-lat
lhrpug014:0:345
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=226d76ac-1ba4-4955-bfd0-dfaba00c83be&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 18 Mar 2021 16:12:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CkK6cgsQ6ycRF-l5CRGidgRLuCcRRbd0CBfRWED7
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CkK6cgsQ6ycRF-l5CRGidgRLuCcRRbd0CBfRWED7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:14 GMT
X-lat
amspug013:0:463
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CkK6cgsQ6ycRF-l5CRGidgRLuCcRRbd0CBfRWED7
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 7635
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNWIwN0FwdmdBQUJDaWNXS05MUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE5b07ApvgAABCicWKNLQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAE5b07ApvgAABCicWKNLQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE5b07ApvgAABCicWKNLQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6338613834835168445
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE5b07ApvgAABCicWKNLQ
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE5b07ApvgAABCicWKNLQ
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617235200%3A13_3_56_165_220_88_189_78_71_81_8_166_204_21_161_176_7_222_5_104_54_22_55%7C1616630400%3A67_15_2_223%7C1617321600%3A35%7C1618617600%3A203; PUBMDCID=3; KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; KRTBCOOKIE_153=1923-CkK6cgsQ6ycRF-l5CRGidgRLuCcRRbd0CBfRWED7&KRTB&19420-CkK6cgsQ6ycRF-l5CRGidgRLuCcRRbd0CBfRWED7&KRTB&22979-CkK6cgsQ6ycRF-l5CRGidgRLuCcRRbd0CBfRWED7; KRTBCOOKIE_391=22924-8935966940086045690&KRTB&23263-8935966940086045690; KRTBCOOKIE_80=16514-CAESEPUrxhZuvINHpzQmfx_f3p4&KRTB&22987-CAESEPUrxhZuvINHpzQmfx_f3p4&KRTB&23025-CAESEPUrxhZuvINHpzQmfx_f3p4; KRTBCOOKIE_57=22776-4405628821684773312; KRTBCOOKIE_1074=22956-e_29b7a8a1-ba96-4201-982d-70c048f6567f; PugT=1616083936
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:14 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AAE5b07ApvgAABCicWKNLQ; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:14 GMT; path=/ PugT=1616083934; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:14 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:14 GMT; path=/
X-lat
amspug014:0:527
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE5b07ApvgAABCicWKNLQ
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 9184
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027657016408215
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027657016408215
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617235200%3A13_3_56_165_220_88_189_78_71_81_8_166_204_21_161_176_7_222_5_104_54_22_55%7C1616630400%3A67_15_2_223%7C1617321600%3A35%7C1618617600%3A203; PUBMDCID=3; KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; KRTBCOOKIE_153=1923-CkK6cgsQ6ycRF-l5CRGidgRLuCcRRbd0CBfRWED7&KRTB&19420-CkK6cgsQ6ycRF-l5CRGidgRLuCcRRbd0CBfRWED7&KRTB&22979-CkK6cgsQ6ycRF-l5CRGidgRLuCcRRbd0CBfRWED7; KRTBCOOKIE_391=22924-8935966940086045690&KRTB&23263-8935966940086045690; KRTBCOOKIE_80=16514-CAESEPUrxhZuvINHpzQmfx_f3p4&KRTB&22987-CAESEPUrxhZuvINHpzQmfx_f3p4&KRTB&23025-CAESEPUrxhZuvINHpzQmfx_f3p4; KRTBCOOKIE_57=22776-4405628821684773312; KRTBCOOKIE_1074=22956-e_29b7a8a1-ba96-4201-982d-70c048f6567f; KRTBCOOKIE_22=14911-3703334772225254813; KRTBCOOKIE_699=22727-AAE5b07ApvgAABCicWKNLQ; KRTBCOOKIE_218=22978-YFN74AAAAHSLu1LS&KRTB&23194-YFN74AAAAHSLu1LS&KRTB&23209-YFN74AAAAHSLu1LS&KRTB&23244-YFN74AAAAHSLu1LS; PugT=1616083936; KRTBCOOKIE_279=22890-b52f8894-8804-11eb-95e4-ff530cb7fbdb&KRTB&23011-b52f8894-8804-11eb-95e4-ff530cb7fbdb; SPugT=1616083935
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:17 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6941027657016408215; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:17 GMT; path=/ PugT=1616083937; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:17 GMT; path=/
X-lat
lhrpug005:0:784
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:17 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6941027657016408215; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027657016408215
Pug
simage2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acbd3bad-f950-4e25-b03e-96f169103476&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acbd3bad-f950-4e25-b03e-96f169103476&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
lhrpug020:0:340
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acbd3bad-f950-4e25-b03e-96f169103476&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1e4fe391-0e1f-47c1-8161-d2fb1ca299dc-60537be1-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1e4fe391-0e1f-47c1-8161-d2fb1ca299dc-60537be1-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
amspug013:0:375
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1e4fe391-0e1f-47c1-8161-d2fb1ca299dc-60537be1-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
bridge
cm.adgrx.com/ Frame 695B 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 18 Mar 2021 16:12:17 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4405628821684773312
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4405628821684773312
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
lhrpug009:0:572
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:16 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid
507bd510-6ca4-4878-8dc9-2c1c3bea3914
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4405628821684773312
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 81A3
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3Q04a26aTQ017pbU7abYWfiM
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3Q04a26aTQ017pbU7abYWfiM
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617235200%3A13_3_56_165_220_88_189_78_71_81_8_166_204_21_161_176_7_222_5_104_54_22_55%7C1616630400%3A67_15_2_223%7C1617321600%3A35%7C1618617600%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:15 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:15 GMT; path=/ PugT=1616083935; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:15 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:15 GMT; path=/
X-lat
amspug018:0:399
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 18 Mar 2021 16:12:15 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=3Q04a26aTQ017pbU7abYWfiM; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3Q04a26aTQ017pbU7abYWfiM
strict-transport-security
max-age=0; includeSubDomains;
i.match
s.tribalfusion.com/z/ Frame 3FD3
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aonoeUq0I1u9yNycRfYNWAPD7H2S66gaY79HPhFp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 18 Mar 2021 16:12:16 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d68fdf02f30d29734e156a4cff410fcf11616083936; expires=Sat, 17-Apr-21 16:12:16 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aynseFRwEfFS2QVormfdNO7auJntaSm0jbCFnCYUS2ZcFtJMOUeYo2SZdeW8UQPDgVZcXfunF3DePVujD6Zadq1h; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:16 GMT; SameSite=None; Secure; ANON_ID_old=aynseFRwEfFS2QVormfdNO7auJntaSm0jbCFnCYUS2ZcFtJMOUeYo2SZdeW8UQPDgVZcXfunF3DePVujD6Zadq1h; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:16 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08e7b4fba700001f45cd8a2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631fbdd909571f45-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 18 Mar 2021 16:12:16 GMT
content-type
text/html
set-cookie
__cfduid=d68fdf02f30d29734e156a4cff410fcf11616083936; expires=Sat, 17-Apr-21 16:12:16 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aonoeUq0I1u9yNycRfYNWAPD7H2S66gaY79HPhFp; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:16 GMT; SameSite=None; Secure; ANON_ID_old=aonoeUq0I1u9yNycRfYNWAPD7H2S66gaY79HPhFp; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:16 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1015
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
08e7b4faff00001f450b356000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631fbdd7f81c1f45-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_29b7a8a1-ba96-4201-982d-70c048f6567f
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_29b7a8a1-ba96-4201-982d-70c048f6567f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
lhrpug017:0:376
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_29b7a8a1-ba96-4201-982d-70c048f6567f
date
Thu, 18 Mar 2021 16:12:16 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame D2E9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=ooC02OLvVRmV&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=ooC02OLvVRmV&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617235200%3A13_3_56_165_220_88_189_78_71_81_8_166_204_21_161_176_7_222_5_104_54_22_55%7C1616630400%3A67_15_2_223%7C1617321600%3A35%7C1618617600%3A203; PUBMDCID=3; KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; PugT=1616083935
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:16 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:16 GMT; path=/
X-lat
lhrpug007:0:498
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-stage-0
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=ooC02OLvVRmV;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 13-Mar-2022 16:12:16 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=0365c4ebce6fb149; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=ooC02OLvVRmV&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 2439
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d4386bec-1301-466c-a056-5fda50214b52-tuct74d0161&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d4386bec-1301-466c-a056-5fda50214b52-tuct74d0161&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d4386bec-1301-466c-a056-5fda50214b52-tuct74d0161&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=d4386bec-1301-466c-a056-5fda50214b52-tuct74d0161
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 18 Mar 2021 16:12:17 GMT
via
1.1 varnish
x-served-by
cache-fra19132-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1616083938.544457,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=d4386bec-1301-466c-a056-5fda50214b52-tuct74d0161;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 18-Mar-2022 16:12:17 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d4386bec-1301-466c-a056-5fda50214b52-tuct74d0161&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 18 Mar 2021 16:12:17 GMT
via
1.1 varnish
x-served-by
cache-hhn11563-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1616083937.392173,VS0,VE56
x-vcl-time-ms
56
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame EFDF
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
154 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29419461&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1616083936046; TapAd_DID=b4db74e1-8804-11eb-affc-1aec34be1802
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 18 Mar 2021 16:12:16 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Thu, 18 Mar 2021 16:12:16 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1616083936046;Expires=Mon, 17 May 2021 16:12:16 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=b4db74e1-8804-11eb-affc-1aec34be1802;Expires=Mon, 17 May 2021 16:12:16 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
ping_match.gif
pm.w55c.net/ Frame 3EFE 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b52f8894-8804-11eb-95e4-ff530cb7fbdb&gdpr=0&gdpr_consent=
1 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b52f8894-8804-11eb-95e4-ff530cb7fbdb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
lhrpug015:0:478
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b52f8894-8804-11eb-95e4-ff530cb7fbdb&gdpr=0&gdpr_consent=
Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
b52f8895-8804-11eb-95e4-ff530cb7fbdb
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 80E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IbQ_uM3cTjSJfF7ELaS_Iw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=149112
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sat, 20 Mar 2021 09:37:28 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 80E9 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
631fbdd98abb4ea3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08e7b4fbf200004ea3370d1000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 80E9
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:15 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:15 GMT
frontend-id
7
location
/pubmatic/1/info2?sType=sync&sExtCookieId=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:17 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 18 Mar 2021 16:12:17 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjFCNDNGQjgtQ0REQy00RTM0LTg5N0MtNUVDNDJEQTRCRjIz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:15 GMT
X-lat
amspug010:0:439
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
21B43FB8-CDDC-4E34-897C-5EC42DA4BF23
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 80E9 		43 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/21B43FB8-CDDC-4E34-897C-5EC42DA4BF23?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nC7eEZ5E2uVNYUIn5RwrDTJo8QbjN9g-~A&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nC7eEZ5E2uVNYUIn5RwrDTJo8QbjN9g-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 18 Mar 2021 16:12:15 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nC7eEZ5E2uVNYUIn5RwrDTJo8QbjN9g-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN74AAAAHSLu1LS&gdpr=0&gdpr_consent=&_test=YFN74AAAAHSLu1LS
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN74AAAAHSLu1LS&gdpr=0&gdpr_consent=&_test=YFN74AAAAHSLu1LS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
lhrpug005:0:479
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616083936.454612,VS0,VE0
x-served-by
cache-hhn4065-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN74AAAAHSLu1LS&gdpr=0&gdpr_consent=&_test=YFN74AAAAHSLu1LS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 80E9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3703334772225254813&gdpr=0&gdpr_consent=&us_privacy=
1 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3703334772225254813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
lhrpug014:0:1665
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3703334772225254813&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 80E9 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=21B43FB8-CDDC-4E34-897C-5EC42DA4BF23&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame AF0D 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:15 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 80E9 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2D7E 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143898
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5BC0 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143898
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3F1A 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143898
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 2D7E 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dec9990408ea55d834294a924da00d4c4f9b7f6e88a178c542c42cea9643aa76

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHuWlzgDkqlRegdeXCQOKw8&google_cver=1
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHuWlzgDkqlRegdeXCQOKw8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:17 GMT
X-lat
amspug007:0:2553
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHuWlzgDkqlRegdeXCQOKw8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2D7E 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 17 Mar 2021 16:12:18 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 04D9 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 18 Mar 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1200
date
Thu, 18 Mar 2021 16:12:18 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5ef29cf6-29f9-4463-8afb-b2731ff2a02b
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5ef29cf6-29f9-4463-8afb-b2731ff2a02b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:18 GMT
X-lat
lhrpug016:0:492
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5ef29cf6-29f9-4463-8afb-b2731ff2a02b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame C978
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8940458915196540459
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8940458915196540459
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=60C97486-3F71-44C3-803B-BCA690ADDAEF; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617321600%3A35%7C1618617600%3A203%7C1616630400%3A15_67_2_223%7C1617235200%3A165_55_88_189_78_5_166_161_22_220_56_104_21_3_7_71_8_81_204_176_54_222_13; SPugT=1616083937; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941027661322254487; KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; KRTBCOOKIE_27=16735-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&16736-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23019-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23114-uid:c6636053-7be2-4800-8611-c00e24425bf4; KRTBCOOKIE_153=1923-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&19420-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&22979-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp; KRTBCOOKIE_80=16514-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&22987-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&23025-CAESEHuWlzgDkqlRegdeXCQOKw8; KRTBCOOKIE_188=3189-bfd97f88-1cf6-4561-b179-feea3ee084fb-60537be2-4348; KRTBCOOKIE_391=22924-942249929745085148&KRTB&23263-942249929745085148; KRTBCOOKIE_57=22776-1506566452629545247; KRTBCOOKIE_377=6810-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&22918-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&23031-5ef29cf6-29f9-4463-8afb-b2731ff2a02b; KRTBCOOKIE_1074=22956-e_e2ca4247-01f4-4e84-88a5-548dabc882c4; KRTBCOOKIE_22=14911-3906840080875431325; KRTBCOOKIE_279=22890-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2&KRTB&23011-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2; PugT=1616083939
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:17 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-8940458915196540459; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:17 GMT; path=/ PugT=1616083937; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:17 GMT; path=/
X-lat
amspug003:0:457
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8940458915196540459
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=942249929745085148
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=942249929745085148
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:18 GMT
X-lat
lhrpug006:0:2451
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:18 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=942249929745085148
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c6636053-7be2-4800-8611-c00e24425bf4&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c6636053-7be2-4800-8611-c00e24425bf4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:18 GMT
X-lat
lhrpug010:0:320
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 18 Mar 2021 16:13:20 GMT
Server
MT3 3611 f10363c master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c6636053-7be2-4800-8611-c00e24425bf4&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 16:13:19 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1506566452629545247&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1506566452629545247&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:17 GMT
X-lat
amspug008:0:415
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:18 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.6:80
AN-X-Request-Uuid
35529ec4-2e46-43e5-a40f-e99370d75281
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1506566452629545247&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d726480e-6421-4902-85fe-b088faf90742&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=226d76ac-1ba4-4955-bfd0-dfaba00c83be&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=226d76ac-1ba4-4955-bfd0-dfaba00c83be&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:19 GMT
X-lat
lhrpug018:0:851
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=226d76ac-1ba4-4955-bfd0-dfaba00c83be&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 18 Mar 2021 16:12:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:16 GMT
X-lat
amspug003:0:368
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame A990
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEempFN0FwdmdBQUJDSWhkWk1MZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADzjE7ApvgAABCIhdZMLg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7457729355502456030
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADzjE7ApvgAABCIhdZMLg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7457729355502456030%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=7457729355502456030&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADzjE7ApvgAABCIhdZMLg&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADzjE7ApvgAABCIhdZMLg
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADzjE7ApvgAABCIhdZMLg
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=60C97486-3F71-44C3-803B-BCA690ADDAEF; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617321600%3A35%7C1618617600%3A203%7C1616630400%3A15_67_2_223%7C1617235200%3A165_55_88_189_78_5_166_161_22_220_56_104_21_3_7_71_8_81_204_176_54_222_13; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941027661322254487; KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; KRTBCOOKIE_27=16735-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&16736-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23019-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23114-uid:c6636053-7be2-4800-8611-c00e24425bf4; KRTBCOOKIE_153=1923-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&19420-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&22979-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp; KRTBCOOKIE_80=16514-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&22987-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&23025-CAESEHuWlzgDkqlRegdeXCQOKw8; KRTBCOOKIE_188=3189-bfd97f88-1cf6-4561-b179-feea3ee084fb-60537be2-4348; KRTBCOOKIE_391=22924-942249929745085148&KRTB&23263-942249929745085148; KRTBCOOKIE_57=22776-1506566452629545247; KRTBCOOKIE_377=6810-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&22918-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&23031-5ef29cf6-29f9-4463-8afb-b2731ff2a02b; KRTBCOOKIE_1074=22956-e_e2ca4247-01f4-4e84-88a5-548dabc882c4; KRTBCOOKIE_22=14911-3906840080875431325; KRTBCOOKIE_279=22890-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2&KRTB&23011-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2; KRTBCOOKIE_336=5844-8940458915196540459; KRTBCOOKIE_218=22978-YFN74wAAAJPPYFZV&KRTB&23194-YFN74wAAAJPPYFZV&KRTB&23209-YFN74wAAAJPPYFZV&KRTB&23244-YFN74wAAAJPPYFZV; PugT=1616083939; SPugT=1616083938; KRTBCOOKIE_466=16530-226d76ac-1ba4-4955-bfd0-dfaba00c83be
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:17 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AADzjE7ApvgAABCIhdZMLg; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:17 GMT; path=/ PugT=1616083937; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:17 GMT; path=/
X-lat
amspug004:0:392
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Thu, 18 Mar 2021 16:12:19 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADzjE7ApvgAABCIhdZMLg
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 20B4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027661322254487
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027661322254487
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:4; KADUSERCOOKIE=60C97486-3F71-44C3-803B-BCA690ADDAEF; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617321600%3A35%7C1618617600%3A203%7C1616630400%3A15_67_2_223%7C1617235200%3A165_55_88_189_78_5_166_161_22_220_56_104_21_3_7_71_8_81_204_176_54_222_13
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:18 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6941027661322254487; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:18 GMT; path=/ PugT=1616083938; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:18 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:18 GMT; path=/
X-lat
lhrpug005:0:527
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:18 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6941027661322254487; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941027661322254487
Pug
simage2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:12be7ed0-5a25-4588-a1df-33feefebf433&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:12be7ed0-5a25-4588-a1df-33feefebf433&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:18 GMT
X-lat
lhrpug004:0:550
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:12be7ed0-5a25-4588-a1df-33feefebf433&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 18 Mar 2021 16:12:18 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=bfd97f88-1cf6-4561-b179-feea3ee084fb-60537be2-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=bfd97f88-1cf6-4561-b179-feea3ee084fb-60537be2-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:18 GMT
X-lat
amspug006:0:380
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:18 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=bfd97f88-1cf6-4561-b179-feea3ee084fb-60537be2-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
bridge
cm.adgrx.com/ Frame 939C 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 18 Mar 2021 16:12:18 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1506566452629545247
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1506566452629545247
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:18 GMT
X-lat
lhrpug008:0:951
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 16:12:18 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.7:80
AN-X-Request-Uuid
06ab2ab9-d33d-4707-9caa-fc7cecdde23a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1506566452629545247
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame D3CD
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3Q04a26aTQ017pbU7abYWfiM
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3Q04a26aTQ017pbU7abYWfiM
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:4; KADUSERCOOKIE=60C97486-3F71-44C3-803B-BCA690ADDAEF; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617321600%3A35%7C1618617600%3A203%7C1616630400%3A15_67_2_223%7C1617235200%3A165_55_88_189_78_5_166_161_22_220_56_104_21_3_7_71_8_81_204_176_54_222_13; SPugT=1616083937; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:17 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:17 GMT; path=/ PugT=1616083937; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:17 GMT; path=/
X-lat
amspug015:0:388
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 18 Mar 2021 16:12:18 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=3Q04a26aTQ017pbU7abYWfiM; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3Q04a26aTQ017pbU7abYWfiM
strict-transport-security
max-age=0; includeSubDomains;
i.match
s.tribalfusion.com/z/ Frame 820B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=atnoeUriItwP3PTThUrwSJRqJ63rebmD31T96ofo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 18 Mar 2021 16:12:19 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=dc566cab4548f9c0471b7210a5f912ea61616083939; expires=Sat, 17-Apr-21 16:12:19 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=apnsIHRkP6j6eCno77Ed05ZbUfZb2osQIV9BwEFJ9psvkTnpVjEBXZbJf8PpmgYZdJM6yPeoAW0DrleZc391UQGwWnrkb; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:19 GMT; SameSite=None; Secure; ANON_ID_old=apnsIHRkP6j6eCno77Ed05ZbUfZb2osQIV9BwEFJ9psvkTnpVjEBXZbJf8PpmgYZdJM6yPeoAW0DrleZc391UQGwWnrkb; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:19 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08e7b506f900001f458eab2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631fbdeb2cd21f45-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 18 Mar 2021 16:12:18 GMT
content-type
text/html
set-cookie
__cfduid=d4d09faaa79b16123c9de63e60618fead1616083938; expires=Sat, 17-Apr-21 16:12:18 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=atnoeUriItwP3PTThUrwSJRqJ63rebmD31T96ofo; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:18 GMT; SameSite=None; Secure; ANON_ID_old=atnoeUriItwP3PTThUrwSJRqJ63rebmD31T96ofo; path=/; domain=.tribalfusion.com; expires=Wed, 16-Jun-2021 16:12:18 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
9374
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
08e7b5058600001f4517a15000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631fbde8da761f45-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e2ca4247-01f4-4e84-88a5-548dabc882c4
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e2ca4247-01f4-4e84-88a5-548dabc882c4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:19 GMT
X-lat
lhrpug009:0:538
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e2ca4247-01f4-4e84-88a5-548dabc882c4
date
Thu, 18 Mar 2021 16:12:18 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 0192
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=rp973uyIHoI8&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=rp973uyIHoI8&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:4; KADUSERCOOKIE=60C97486-3F71-44C3-803B-BCA690ADDAEF; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617321600%3A35%7C1618617600%3A203%7C1616630400%3A15_67_2_223%7C1617235200%3A165_55_88_189_78_5_166_161_22_220_56_104_21_3_7_71_8_81_204_176_54_222_13; SPugT=1616083937; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941027661322254487; KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; KRTBCOOKIE_27=16735-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&16736-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23019-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23114-uid:c6636053-7be2-4800-8611-c00e24425bf4; KRTBCOOKIE_153=1923-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&19420-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&22979-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp; KRTBCOOKIE_80=16514-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&22987-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&23025-CAESEHuWlzgDkqlRegdeXCQOKw8; KRTBCOOKIE_188=3189-bfd97f88-1cf6-4561-b179-feea3ee084fb-60537be2-4348; KRTBCOOKIE_391=22924-942249929745085148&KRTB&23263-942249929745085148; KRTBCOOKIE_57=22776-1506566452629545247; KRTBCOOKIE_377=6810-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&22918-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&23031-5ef29cf6-29f9-4463-8afb-b2731ff2a02b; KRTBCOOKIE_1074=22956-e_e2ca4247-01f4-4e84-88a5-548dabc882c4; KRTBCOOKIE_22=14911-3906840080875431325; PugT=1616083938
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:19 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:19 GMT; path=/
X-lat
lhrpug002:0:549
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-568ff9c7d-tjd9h
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=rp973uyIHoI8;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 13-Mar-2022 16:12:18 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=b01f20c7706e2dcf; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=rp973uyIHoI8&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame B873
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e098bca1-4094-43ca-b3f3-e4405fbe5f1f-tuct74d0162&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
76 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e098bca1-4094-43ca-b3f3-e4405fbe5f1f-tuct74d0162&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e098bca1-4094-43ca-b3f3-e4405fbe5f1f-tuct74d0162&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=e098bca1-4094-43ca-b3f3-e4405fbe5f1f-tuct74d0162
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 18 Mar 2021 16:12:19 GMT
via
1.1 varnish
x-served-by
cache-fra19132-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1616083939.078968,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=e098bca1-4094-43ca-b3f3-e4405fbe5f1f-tuct74d0162;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 18-Mar-2022 16:12:18 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e098bca1-4094-43ca-b3f3-e4405fbe5f1f-tuct74d0162&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 18 Mar 2021 16:12:18 GMT
via
1.1 varnish
x-served-by
cache-hhn11563-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1616083939.709175,VS0,VE65
x-vcl-time-ms
65
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 37E2
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
154 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11713525&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1616083939046; TapAd_DID=b6a53861-8804-11eb-affc-1aec34be1802
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 18 Mar 2021 16:12:19 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Thu, 18 Mar 2021 16:12:19 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1616083939046;Expires=Mon, 17 May 2021 16:12:19 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=b6a53861-8804-11eb-affc-1aec34be1802;Expires=Mon, 17 May 2021 16:12:19 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
ping_match.gif
pm.w55c.net/ Frame 1E71 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D7E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YMl0hj9xRMOAO7ymkK3a7w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=149110
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sat, 20 Mar 2021 09:37:28 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2D7E 		0
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 2D7E
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=60C97486-3F71-44C3-803B-BCA690ADDAEF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=60C97486-3F71-44C3-803B-BCA690ADDAEF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=60C97486-3F71-44C3-803B-BCA690ADDAEF&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:16 GMT
frontend-id
2
location
/pubmatic/1/info2?sType=sync&sExtCookieId=60C97486-3F71-44C3-803B-BCA690ADDAEF&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=60C97486-3F71-44C3-803B-BCA690ADDAEF&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=60C97486-3F71-44C3-803B-BCA690ADDAEF&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=60C97486-3F71-44C3-803B-BCA690ADDAEF&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=60C97486-3F71-44C3-803B-BCA690ADDAEF&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:19 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 18 Mar 2021 16:12:19 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=60C97486-3F71-44C3-803B-BCA690ADDAEF&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjBDOTc0ODYtM0Y3MS00NEMzLTgwM0ItQkNBNjkwQUREQUVG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:17 GMT
X-lat
amspug013:0:383
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
60C97486-3F71-44C3-803B-BCA690ADDAEF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2D7E 		43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/60C97486-3F71-44C3-803B-BCA690ADDAEF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:12:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=60C97486-3F71-44C3-803B-BCA690ADDAEF&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=60C97486-3F71-44C3-803B-BCA690ADDAEF&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RCsyGZtE2uX4JY29zGXDFFifjCqoGMs-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RCsyGZtE2uX4JY29zGXDFFifjCqoGMs-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:18 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 18 Mar 2021 16:12:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RCsyGZtE2uX4JY29zGXDFFifjCqoGMs-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN74wAAAJPPYFZV&gdpr=0&gdpr_consent=&_test=YFN74wAAAJPPYFZV
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN74wAAAJPPYFZV&gdpr=0&gdpr_consent=&_test=YFN74wAAAJPPYFZV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:19 GMT
X-lat
lhrpug019:0:410
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:19 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616083939.178359,VS0,VE0
x-served-by
cache-hhn4065-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFN74wAAAJPPYFZV&gdpr=0&gdpr_consent=&_test=YFN74wAAAJPPYFZV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3906840080875431325&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3906840080875431325&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:18 GMT
X-lat
lhrpug019:0:438
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3906840080875431325&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 18 Mar 2021 16:12:18 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 2D7E 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=60C97486-3F71-44C3-803B-BCA690ADDAEF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 16:12:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2&gdpr=0&gdpr_consent=
1 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:19 GMT
X-lat
lhrpug006:0:532
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2&gdpr=0&gdpr_consent=
Date
Thu, 18 Mar 2021 16:12:18 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
b6a4eb27-8804-11eb-8894-fb4ff9ffa6b2
showad.js
ads.pubmatic.com/AdServer/js/ Frame B13B 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=60C97486-3F71-44C3-803B-BCA690ADDAEF; chkChromeAb67Sec=1; DPSync3=1617235200%3A201_227_226_221; SyncRTB3=1616889600%3A63%7C1617321600%3A35%7C1618617600%3A203%7C1616630400%3A15_67_2_223%7C1617235200%3A165_55_88_189_78_5_166_161_22_220_56_104_21_3_7_71_8_81_204_176_54_222_13; SPugT=1616083937; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941027661322254487; KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; KRTBCOOKIE_27=16735-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&16736-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23019-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23114-uid:c6636053-7be2-4800-8611-c00e24425bf4; KRTBCOOKIE_153=1923-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&19420-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&22979-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp; KRTBCOOKIE_80=16514-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&22987-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&23025-CAESEHuWlzgDkqlRegdeXCQOKw8; KRTBCOOKIE_188=3189-bfd97f88-1cf6-4561-b179-feea3ee084fb-60537be2-4348; KRTBCOOKIE_391=22924-942249929745085148&KRTB&23263-942249929745085148; KRTBCOOKIE_57=22776-1506566452629545247; KRTBCOOKIE_377=6810-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&22918-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&23031-5ef29cf6-29f9-4463-8afb-b2731ff2a02b; KRTBCOOKIE_1074=22956-e_e2ca4247-01f4-4e84-88a5-548dabc882c4; KRTBCOOKIE_22=14911-3906840080875431325; KRTBCOOKIE_279=22890-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2&KRTB&23011-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2; PugT=1616083939; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=143897
Expires
Sat, 20 Mar 2021 08:10:36 GMT
Date
Thu, 18 Mar 2021 16:12:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame B13B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=96001989&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
403442719bc2412ef3c6223b107a7ae25bebf9908a2bd45236ff85ecfb14e16c

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:12:19 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
1564
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 1340 		35 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=60C97486-3F71-44C3-803B-BCA690ADDAEF
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=96001989&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=60C97486-3F71-44C3-803B-BCA690ADDAEF
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=942249929745085148
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 18 Mar 2021 16:12:19 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=942249929745085148; expires=Mon, 17 May 2021 16:12:19 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame C353
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=870646222
  • https://sync.1rx.io/usersync/tradedesk/5ef29cf6-29f9-4463-8afb-b2731ff2a02b
  • https://sync.targeting.unrulymedia.com/csync/RX-92454d04-77d7-4993-b222-9fc20163b137-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-92454d04-77d7-4993-b222-9fc20163b137-003
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-92454d04-77d7-4993-b222-9fc20163b137-003
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=96001989&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=60C97486-3F71-44C3-803B-BCA690ADDAEF; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941027661322254487; KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; KRTBCOOKIE_27=16735-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&16736-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23019-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23114-uid:c6636053-7be2-4800-8611-c00e24425bf4; KRTBCOOKIE_153=1923-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&19420-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&22979-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp; KRTBCOOKIE_80=16514-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&22987-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&23025-CAESEHuWlzgDkqlRegdeXCQOKw8; KRTBCOOKIE_188=3189-bfd97f88-1cf6-4561-b179-feea3ee084fb-60537be2-4348; KRTBCOOKIE_391=22924-942249929745085148&KRTB&23263-942249929745085148; KRTBCOOKIE_57=22776-1506566452629545247; KRTBCOOKIE_377=6810-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&22918-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&23031-5ef29cf6-29f9-4463-8afb-b2731ff2a02b; KRTBCOOKIE_1074=22956-e_e2ca4247-01f4-4e84-88a5-548dabc882c4; KRTBCOOKIE_22=14911-3906840080875431325; KRTBCOOKIE_279=22890-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2&KRTB&23011-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2; KRTBCOOKIE_336=5844-8940458915196540459; KRTBCOOKIE_218=22978-YFN74wAAAJPPYFZV&KRTB&23194-YFN74wAAAJPPYFZV&KRTB&23209-YFN74wAAAJPPYFZV&KRTB&23244-YFN74wAAAJPPYFZV; SPugT=1616083938; KRTBCOOKIE_466=16530-226d76ac-1ba4-4955-bfd0-dfaba00c83be; KRTBCOOKIE_699=22727-AADzjE7ApvgAABCIhdZMLg; pi=156383:4; chkChromeAb67Sec=2; DPSync3=1617235200%3A201_227_226_221_219_197%7C1616112000%3A174; SyncRTB3=1617321600%3A35%7C1616630400%3A15_223_67_2%7C1617235200%3A21_8_88_5_176_99_22_7_54_81_189_220_56_57_78_104_222_13_165_55_166_161_3_71_204%7C1621209600%3A69%7C1616889600%3A63%7C1618617600%3A203; PugT=1616083939
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:20 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-RX-92454d04-77d7-4993-b222-9fc20163b137-003&KRTB&17107-RX-92454d04-77d7-4993-b222-9fc20163b137-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:20 GMT; path=/ PugT=1616083940; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Apr-2021 16:12:20 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:20 GMT; path=/
X-lat
lhrpug006:0:425
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Thu, 18 Mar 2021 16:12:20 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-92454d04-77d7-4993-b222-9fc20163b137-003%22%7D; path=/; expires=Fri, 18 Mar 2022 16:12:20 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-92454d04-77d7-4993-b222-9fc20163b137-003
ETag
RX92454d0477d74993b2229fc20163b137003
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame C0E1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E093CFA0BCB4C1E8C0B0FD40740E509
1 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E093CFA0BCB4C1E8C0B0FD40740E509
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=96001989&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=60C97486-3F71-44C3-803B-BCA690ADDAEF; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941027661322254487; KRTBCOOKIE_409=22966-3Q04a26aTQ017pbU7abYWfiM&KRTB&23212-3Q04a26aTQ017pbU7abYWfiM; KRTBCOOKIE_27=16735-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&16736-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23019-uid:c6636053-7be2-4800-8611-c00e24425bf4&KRTB&23114-uid:c6636053-7be2-4800-8611-c00e24425bf4; KRTBCOOKIE_153=1923-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&19420-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp&KRTB&22979-YjDQmGNigJl5YdyTMDDIzWc23Ml5MYaZYDlFaPYp; KRTBCOOKIE_80=16514-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&22987-CAESEHuWlzgDkqlRegdeXCQOKw8&KRTB&23025-CAESEHuWlzgDkqlRegdeXCQOKw8; KRTBCOOKIE_188=3189-bfd97f88-1cf6-4561-b179-feea3ee084fb-60537be2-4348; KRTBCOOKIE_391=22924-942249929745085148&KRTB&23263-942249929745085148; KRTBCOOKIE_57=22776-1506566452629545247; KRTBCOOKIE_377=6810-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&22918-5ef29cf6-29f9-4463-8afb-b2731ff2a02b&KRTB&23031-5ef29cf6-29f9-4463-8afb-b2731ff2a02b; KRTBCOOKIE_1074=22956-e_e2ca4247-01f4-4e84-88a5-548dabc882c4; KRTBCOOKIE_22=14911-3906840080875431325; KRTBCOOKIE_279=22890-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2&KRTB&23011-b6a4eb26-8804-11eb-8894-fb4ff9ffa6b2; KRTBCOOKIE_336=5844-8940458915196540459; KRTBCOOKIE_218=22978-YFN74wAAAJPPYFZV&KRTB&23194-YFN74wAAAJPPYFZV&KRTB&23209-YFN74wAAAJPPYFZV&KRTB&23244-YFN74wAAAJPPYFZV; SPugT=1616083938; KRTBCOOKIE_466=16530-226d76ac-1ba4-4955-bfd0-dfaba00c83be; KRTBCOOKIE_699=22727-AADzjE7ApvgAABCIhdZMLg; pi=156383:4; chkChromeAb67Sec=2; DPSync3=1617235200%3A201_227_226_221_219_197%7C1616112000%3A174; SyncRTB3=1617321600%3A35%7C1616630400%3A15_223_67_2%7C1617235200%3A21_8_88_5_176_99_22_7_54_81_189_220_56_57_78_104_222_13_165_55_166_161_3_71_204%7C1621209600%3A69%7C1616889600%3A63%7C1618617600%3A203; PugT=1616083939
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:19 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 16-Jun-2021 16:12:19 GMT; path=/
X-lat
lhrpug007:0:466
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
nginx
date
Thu, 18 Mar 2021 16:12:19 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E093CFA0BCB4C1E8C0B0FD40740E509
expires
Wed, 17 Mar 2021 16:12:19 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
usersync
match.bnmla.com/ Frame F4A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=96001989&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:12:19 GMT
Content-Length
0
Connection
keep-alive
tp=CLOD
sync.crwdcntrl.net/map/ct=y/c=8587/ Frame B13B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=60C97486-3F71-44C3-803B-BCA690ADDAEF
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
0
0
SPug
image4.pubmatic.com/AdServer/ Frame B13B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c6636053-7be2-4800-8611-c00e24425bf4
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c6636053-7be2-4800-8611-c00e24425bf4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 18 Mar 2021 16:12:18 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Thu, 18 Mar 2021 16:13:21 GMT
Server
MT3 3611 f10363c master cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c6636053-7be2-4800-8611-c00e24425bf4
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 18 Mar 2021 16:13:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.creative-serving.com
URL
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d888dd76-2b89-4411-a7f1-d6c4295fd83b
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFN722IBF1OtO6t6XkyggQAABFkAAAAB
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMr1AM-3llxmoJVNNj_ctNU&google_cver=1
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMr1AM-3llxmoJVNNj_ctNU&google_cver=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFN722IBF1OtO6t6XkyggQAABFkAAAAB
Domain
px.owneriq.net
URL
https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YFN722IBF1OtO6t6XkyggQAA%261113
Domain
onetag-sys.com
URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YFN722IBF1OtO6t6XkyggQAA%261113
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/ssp
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/ix.gif
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/ssp
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Domain
rtb.adentifi.com
URL
https://rtb.adentifi.com/CookieIndex
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=8
Domain
cm.ctnsnet.com
URL
https://cm.ctnsnet.com/int/cm?exc=19
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/ix.gif
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/ssp
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/ssp
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Domain
mwzeom.zeotap.com
URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEA9apX5ZI1QJ1zxfLHCmTh8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7456e28d-35ae-41be-76f5-9af2c1bd0d5a&reqId=314c5515-f60e-4194-5317-e3d8dc6bf6fe&zcluid=4f565746512aa63d&zdid=1332
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
Domain
mwzeom.zeotap.com
URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=60C97486-3F71-44C3-803B-BCA690ADDAEF
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| dataLayer object| YaHeaderBiddingSettings function| mindbox object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| ym object| _tmr function| fbq function| _fbq object| googletag object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| Ya object| yaSafeFrameCallbacksStorage number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaads object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| Criteo string| r object| s object| yaCounter19426846 object| webpackJsonp object| __NEXT_P boolean| mindboxInitialized function| directCrm object| regeneratorRuntime object| __NEXT_DATA__ object| core object| next object| __NEXT_REDUX_STORE__ object| AdevintaExperimentation object| pulseCisSync function| obj2qs object| fastXDM object| VK object| lazySizes function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleSlot object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| onYouTubeIframeAPIReady object| google_optimize object| conceptJsonp3050 object| yandexContextAsyncCallbacks object| criteo_pubtag object| criteo_pubtag_106 object| Criteo_106 object| pcodeStaticJsonp14159 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| yaCounter357986 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| yandex_context_perf_logging function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| cintvls boolean| isLoadingSafeframeStarted object| yaSafeFrameAsyncCallbacks object| yaCounter576767 object| $sf object| GoogleGcLKhOms object| google_image_requests

0 Cookies

3 Console Messages

Source Level URL
Text
console-api log URL: https://content.kufar.by/static/kufar-fe-listings/_next/static/chunks/commons.62d2287db9f8cd1241ec.js(Line 1)
Message:
ERROR --> trackListingsView TypeError: Cannot read property 'setItem' of null
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.kufar.by/listings
console-api log URL: https://hintfly.com/t.js?i=ru2f6xrns6cv15e4g0d&cb=8033461616083924894(Line 30)
Message:
%c [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2656fe73d84fbbcc24348772dbb955be.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad.yieldlab.net
ad4m.at
adfox-c2s-ams.creativecdn.com
adpone-d.openx.net
ads.avads.net
ads.avct.cloud
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
adx.adform.net
an.yandex.ru
analytics.google.com
ap.lijit.com
api.houston.advgo.net
api.mindbox.ru
api.rees46.com
aud.pubmatic.com
avatars.mds.yandex.net
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c1.adform.net
cache.betweendigital.com
casale-match.dotomi.com
cdn.ampproject.org
ce.lijit.com
cis.mpianalytics.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
collector.mpianalytics.com
connect.facebook.net
content.kufar.by
cre-api.kufar.by
csync.loopme.me
cx.atdmt.com
d.adroll.com
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaby.hit.gemius.pl
googleads.g.doubleclick.net
green.erne.co
gu.dyntrk.com
gum.criteo.com
hb.adpone.com
hbopenbid.pubmatic.com
hintfly.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
j.mrpdata.net
js-sec.indexww.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.taboola.com
matchid.adfox.yandex.ru
mc.yandex.ru
mwzeom.zeotap.com
nep.advangelists.com
onetag-sys.com
openx2-match.dotomi.com
ox-delivery-prod-europe-west1.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
pr.ybp.yahoo.com
prg.smartadserver.com
public-prod-dspcookiematching.dmxleo.com
pubmatic-match.dotomi.com
px.adhigh.net
px.owneriq.net
r.scoota.co
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s.yimg.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
storage.mds.yandex.net
sync-tm.everesttech.net
sync.1dmp.io
sync.1rx.io
sync.adotmob.com
sync.bumlam.com
sync.crwdcntrl.net
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync3.adsniper.ru
sync3.sniperlog.ru
token.rubiconproject.com
top-fwz1.mail.ru
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
visitor.fiftyt.com
vk.com
www.dba.dk-online-pay.online
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kufar.by
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yams.kufar.by
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
ads.creative-serving.com
ads.stickyadstv.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
cm.ctnsnet.com
d.adroll.com
dmp.brand-display.com
eus.rubiconproject.com
gu.dyntrk.com
mwzeom.zeotap.com
onetag-sys.com
pm.w55c.net
px.owneriq.net
rtb.adentifi.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
sync.adotmob.com
sync.crwdcntrl.net
ums.acuityplatform.com
104.108.50.124
116.202.172.174
13.226.159.100
13.226.159.24
13.226.159.99
13.32.21.47
130.193.49.123
134.17.16.243
142.250.185.66
142.250.186.162
146.59.10.80
151.101.114.49
151.101.13.44
169.197.150.7
169.50.137.190
178.250.0.163
178.250.2.131
178.62.202.251
18.156.0.31
18.184.153.186
18.185.187.62
18.193.144.52
18.200.32.70
184.30.212.16
184.31.84.150
185.184.8.30
185.29.135.233
185.33.221.11
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.86.138.16
185.86.139.89
192.132.33.46
193.0.160.129
193.232.148.145
198.148.27.140
199.232.137.44
2.19.33.95
2001:678:cb4:bbbb::11
2001:6d0:4001::226
213.155.156.168
213.19.147.150
213.19.162.31
217.69.133.145
23.111.200.118
23.210.248.12
23.210.249.164
23.210.249.83
23.210.249.92
2606:4700:10::6816:1857
2606:4700:10::ac43:db6
2606:4700:20::681a:a19
2606:4700:3039::6815:c01b
2606:4700::6812:d05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c09::9b
2a00:1450:400c:c09::9d
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8:20::215
2a02:6b8::158
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a02:fa8:8806:13::1370
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.123.45.2
3.127.88.255
3.231.119.144
31.172.81.160
31.172.81.172
34.120.25.144
34.241.141.160
34.248.155.99
34.95.120.147
34.96.105.8
34.98.107.212
35.157.13.31
35.201.96.126
35.205.207.25
35.210.53.219
35.227.248.159
35.227.252.103
35.244.159.8
35.244.174.68
37.157.6.241
37.157.6.247
38.27.122.126
5.254.23.213
51.178.20.139
51.210.112.63
52.30.234.204
52.44.116.71
52.50.99.220
52.51.224.103
52.54.178.102
52.95.124.165
54.194.211.3
54.220.47.170
54.228.192.197
54.236.220.178
54.78.254.47
54.85.167.1
63.33.120.132
66.155.71.150
69.173.144.138
72.251.241.206
72.251.249.9
77.243.60.138
85.114.159.93
87.240.190.72
88.99.213.228
88.99.70.162
89.108.120.76
92.119.114.139
94.23.73.243
99.81.248.185
001214eedf2128ba35028f38424075150938ee7d6cbccd39813076b3b0a587ac
01737a92ec734bfa6deabe096b0a7a0faaa004e092d2e52633c2c97076ca8b2e
01bfae1ae5bca5f321f40d097446d826cdf0f47bfd91e2649444746e4eb38cec
040f8762c75fef35ca7cf3685b5e80e36a61e94f96f08364da43f6ad7c60e922
044f672e603847731a755f9dc9919172bbef0b7db01132270383cffe1eefa8b6
0491a5490c97bff9ec250ae3f682906f581ba8681d812617a4a092aedc3fbc36
05aac971ff8638bce1fdff4d97841ad8b375ab8e88f836816952b356ffd81968
05b8a0a12ba6727b44f0bb806f0ea3b2656d7eae97d8f348592c2697c7189875
06649e87db9dcc3aac096d3cd4926a6499971599de35952979aed8d4ebeb4a68
068f16c87c9ce7f94fd2a354126eed7e5028cb84d5cd108337513d2882726036
06a06bef7bdb91fc33e2f01009b97fb861c9be84e77f3e06cded40b4fe33bb77
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
09011d06fa57ef53ff2b01ea6f545c28decd9c45fe825491734d06777bbc0861
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09a29372ded58b5755d576055d2f1b8c9935de68aae650c03a9d44902dc21483
09cd78d927dcb725c0a40c0fa03a201c211c37b4ff700de66088a0d75da44cfb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11cf169246e658b2e95f11201472f93249ca4b695349ad14cb1abe13f23d1712
12323b469744d3122a6ab38331ec29e33b2ae39992c6949ed20684be130e22df
156dc65ba599ca555b23d044f43476893cf7d88cc732f5bfec5799dab61c89da
15920dbfb5f27386aecb059e9356dc191c0d350699f17f649ccf01043b1fca44
15f717ec0752eb47a1ebbbcb6b6ed87d60a764d5c268b165f3ca23e7e431ed90
16af007dda36563ee2ba4c131767b7cb930c45ab183b3ed95ece1c33f7d2536f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
197e36c3f80ef80f997d7142c1fa1dfa67be08238d60daeb559f48c0beff3aec
1b13ca069a400385e0e74c9e55e441413fe65a1a26b8e44bf964e372c1036e84
1b7c5f25db53d1840510f2ee9b4f09b70cabb1f7981e8c7059d19ad90f463a3f
1b9463228ccae5d87607bd549b588bab1bf69bb1f77ff046b9724b17ae41f4d2
1ccdcb31944456b3bbff5c2d8efa51bd6bd7c526885dd3ed6dbde29710b1e6bf
1fa16c1f74876eaeaf66d6f29d57c641c619fcf69ac55187039f4f82ff9a701f
20136bbe7fbecb855c83c436d35cba9899a13379cf6c7f92900d28b2136b8827
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
256374e9385951a4f305a78204e1927cb44a0dd27af24bed89902bb21bd975cc
26829fd4a28be2ccc1dd0d102e1421c30faafe60b1e2aa72504bc61e58062a57
26906d25a249bb3e03d4e3ce381b03a65d2cf09eca28015106e60a2e1ef002af
26c0d7dbd28965c64b477e2e3d2aeb484aa682f3d3a396b4582bc949a2485c19
286abd8b0e7803703b0d830c93733e7fc80056ac8258baf5f3ba50a29a22263a
28ee517b0f6964e96fed8aef415105b9f483918f4b86992e0a312a60164275c4
2a2a9f8a7525249c2096c6e6b98cd4e92b578f30b462d74f7e827ce0fcb2afd4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b3c75a6f578d950d84b7a6b5f41264918fc4a8d72dfc0a2ccb36b20d173bf01
2cb62b56f413636787e35aad82eb911ab4a44cfbf7091fd4e17ed7d83b58cb9a
2d3503504608acea144c8ea7c97b485ef46d4424ad1db3f9cfde31fc1aab5068
2d3a20faae713aa23b9639a83c90d42f042f7df30e68c1646db52a031f3477c8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30174d003861beeddcb22524beef11038e690ab75945dbdb8a1cd94b4ad116e9
30a99ac8707095147bd725648e1c7ac40c834be647b5c6f9bb00fd9ec09baba8
327278fbd92cffbea1ec7d4afa22797e9c2ad3d8e8d731c2b7fd5000a556dd98
3275c8b3b733babb9b6ec90ef843d1c6fef548cef44fab8dcec765a25775fdee
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ecc594f7f40dcd6433090ad254d0b9fee37eb837b97d0a2622cf6b75e1869b
354aa7ffd803fabaa0b653b353004eddd21a27bc1f39407488ecaad613dc73de
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3b478ee6b77ba099d6e42774a830457d8e6bef41dea1f3fbda969de1dee5edca
3b5b349feaf60a66e475c1dfe752b97838348f41e58e0ef5ed05e5107615ba1e
3b72abb0f513bb56e31e899e34d0faadb4d6d9d963b652f5e0289b171a392aee
3c96803b8018a5d2cce722475b1ba95925d0e7cd90a385924b17e98976252bc3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403442719bc2412ef3c6223b107a7ae25bebf9908a2bd45236ff85ecfb14e16c
40b36736e20c4fc4c9d59075406fc5e85c16208bf4e406d93429c2a10910b398
40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b
40e862ec0c0fcc867fcf95415c623b53d67a914117201991fdc481c423982691
41905e52d0e529ddf88711ed99139ca3607c7d3282db3f5a53606472c27db9e8
42f9f35b7d4ee965e1d856856a4a6b6fc2b97da64122d34a84f7020a5097858b
4319cb2de554d04a2d85f964f1e27a46718e2028c4ed87a2ef2922d20c92cc34
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4439cf8cb95daf6f05f35914c28466537c51ff37698615533327c34a8162435e
46337170fd1b6e71c5602ad9d69f0d6df2cc4956ec95b08e9a660da3b9e24471
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a7e3290c7710fa14563f8f51fbad3fd3e62edbddf287203659be4a34b40f3f6
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257
4d79381fe7503aba9a0b738405c323ff852861da3eea8e3a40339d2a21c728a0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50b8486c09a046ada82f0adf6a6ae40acaeab17d9b091ab39f1b8003c9983c11
5125ee8d908ca8a8e8f1f95735d853c105087d7c7c3bde0a05e685af15ee90fd
51e5b3cab35133e7fcf265eef6e4b6e481af760798a7a5e6bdfc61ab82e35b61
5365cc14f466e0f452b624aaa4c83845e79145c60f890afb9043539233476895
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5498c766a80c426e137a9c7bbe7a54ef43b95611ce198eaa7f8e18a82e37fdb9
55544946b29c8581fd2412472ed266fdde1bde7ea675a6491f59abcf0f90a1ed
5618770b3472a57a2d44b44c313eff72315b99e5404fb7249a72a7c0b66a23ea
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
57279cfbc8453d5b38d03b1e52a483867d12d0bde958e20cb77c8852b73b1f26
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5780041612840d8ffb1fdb45f13022663ab68ac0fe76ceca76610fbae0f74515
57b5b1373848f0716ac2f8dc029457825219289e61d6e51ae6222d293706c5ad
58aeaff1ec04043714d4ee003ce250cb00edf893e08b9d0c1b432030998fb989
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
5a62c5460402482508f508f694040adede09fecbf51201f46ac90a0948088466
5d325ef71a6fbbe1e3702d2ddd57b56a23d38007628d43e016a08c0c1c76c789
5d7692b218441429022d4ead5b787c226e59d9d3952a1e36c16735c88aa6862b
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235
6258c544ad138b7c35a5530591530734f006f826f84b4b6200d5c4c38b6978af
635388de567b75686880153aa33f6ee37fd8172d7a96c973d92d6fa7dc5245fb
6363291e32e3e3658a48ae9dd34781578cc2ae21286882a960c0705f7cc13442
63b529289413af985f7534910390687265804c9382a1766e49036bf81524280a
66887b16cbbe3f21a8643b424f39f7aab1f6fb63ccfd92bd8ba18f12eb86062f
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bb127e3d25a6ac98d5309aa1f7cda64464fa44e6b7587674786acbb67706c24
6bd232f13f1157f2d403a2c6a4828bc1df2ab97cf566469ea90ec846cff1a110
6c140d899a49d0a3cff9d5e0cba5a49f34819c303af16d11f6111a388caa60b8
6c7d79b6c59d3303f6a79a71a5ada66455564b0285799e2c5f9139089e871f8d
7078ae8fd1ba5ac221881d89cba10d5b9ee2e955d0155d75c8addfb54290357a
7092dc0c6c73a2c9c44bc569cdff9674aeca7e9b4f248e673ef3098407f5a37a
71b61d0f83d5e8a0b4503754a4d5530b32ba8c66caaeb3a5444dc7f8e69422be
742873fae92e5c093a9d4616746d612511e75c07104578b1731dc89612b8ddca
77fefbbd87302cfd9863148fd0383e3ead18a017583447cedca3626f182c80d0
793edecc64bab6c0fe357a21137b9a7a680b69c5ed7abc071df5cfd5620c9bd3
7b402b6917425beb79093d4ca596e88ab0fff8ff4b71c542c2d91e83a4ca5e3f
7b80550051327d789a1553bc06848fa0ec33a7b1029a31bba289459f1c0e0417
7d81ab9ae4a8a37f06a8daff7ec4f9fe2599670739710d947a0b916aea2685dd
7e4235765220505fc3fd859e3c855b05072ee15ebda411a242269d280fa2e7d2
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
81f06f444a4116798aa537ffbcd7f573f34fbb736404d8a457bd7784b7ad97d6
830637f62445e221adba1d83ffd6937a2fc851f26cefa79eb9741c3979e75e65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844cd56c88c3baf5292041b8961efd7ce1aa25f34addf64600862b8ebfceba7f
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855a1d75870327eb4df4cdd51fff7a55a9be8ee0b2e7de65121eded88be1e582
8676e2793862152850f3d5f35d172e9f96966cc7583339a861e9a20a149cc400
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
88a0a2c4d70bfa38e87356055de1644c3f1833770b6e58f2f6635095bea767d9
89cd3c4e96cb3fae359cd1be31173ebc927bba19840a87f7ec7948e0b6603bf5
8b48baa6e169f82ef497759be254ae960582a60f8eef95050f95f57eb3836aa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da2bc2bb3b83638c010ce786f02a50ac2e4a3175165de893c1ebcee1769957b
903eb5f3bd8ec74a78cac9b20a6cc5ec414b748f29a50c931fb1b04b68938097
904c36c6e12c71de568bc6bd181d3fbe5f18d110a14d5cbcd6ee701809377820
90687150c18ec51580a40877532d01b82c479d207966f5b51972f0efee916f18
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6
950d9493e8e4e1c40210193671a0ea5120029a2069527ded5adeb5dd704b4d6e
952a65260d613208ca3026ac07e8a626229bc86f356dbdd9845d0a77c2ffccbb
954c9c9b54babd1499bf352b1ab367bcb646da3ec4fbecc1c5e29866187c29af
9553181fbc80f5e288c828095a44f27d756cbc32d9641eec6dbd1a4989eb5b88
96189844e62acf75760af2162886475d5030d3d2803b41076e760f3b962045dd
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
986f9f090a3eea798bf6475ee795a2bb7009947cadfbb9dcab01793f9c422c3f
98807a085b505a9dcd8206da7dd89ee34194f77e2edb36bffd36cef8a0d0e61f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
9b8ffd7a45490ece6534884cc94ee76b07713ca019b12a1a18e3dcc181592459
9ba82f235513f8f469c232e82195fe2c794eebb0e0094caefa99649e5aff87e9
9cd92ccf84ca6c2adcb7691de026ae46f47632e344b71ee6e08c43f38f0a59f5
9cd9f5d15bae475759281d064116054b6b506ee372c25890563ff7b34416bab9
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a0bd61f5cd7a9b015d2918d632d918c6ffe07156a284e94bf8e489561eab3ae2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12ec8384e0999479d9acda848b34c2987ddcdb711f2754262943d15129066c4
a1c68fd2bd2ee4b4f547e60af04ee988f48aade799a957f6c82720b347620ad7
a270ff6d857c24ed0f092bb6639e50dcaa26a76b1580f48a2b3e3b3328f090f1
a3925f750a40fd373233b0695a684bcfc2fcc7908e49c0c470fe75bf71a14b7f
a394746884bad32545734f0741ac77493d981671f8072d0748a7c52a13dc9c80
a400157ed9d127b55720246ea9fa43f32251f3b9508e6c3efd75c752ffad452a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ff8c2ffa72d02ee8c03a761bd316348e63375e0f64c3a5f0e87d5d691ba4b0
a5a2c16989467d65f6134df83d23aba81977868f6a00a162446891846537b7d1
a5e3f4726bb9f11c7ac21b8792fb6d21d1c4a69714081edb2d24e097cf1a4b13
a7c2e6d65aba0fc6879dedd498db91f623ff18f09291136152f53fc4cee89ef9
a928bd7174193ecef74cc60693796118826e53e5be214daf6d25f17f68b93446
a94c2bd94b47efcacd443c9441e5964757e9bd92890fd171c36b6ca506258b75
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae847df29d74492dbf418cb89bc2d84005c3f6bf2efda272282a1d26c84a623
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
adc24db6dee62cdd102fbbaa5a1164cfb833659736d067fe509e73062054dfa1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
af835534886fb170aa0e127081ec31839725ca855b801d12f7919f78e5724947
b0f5f99e38a88549ed8e642069516a87f998ef2c915ddd1d6ff1e311c9489aca
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b2d05408d32fc60127a2adf727085f0fb3a320cab7f8d5fc868b7620e535124c
b61fad1fda244a24e2b9e5d287b20519f8105db8dd370dd45b2c1e61372ca8fc
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc
b852379998b46c513e01373bac76274a3f1ae3f17d142123fa2b8e8cfe4342b3
b86628eef46d6268040fe71162626333e5b4472269be911ff833c2a2e421128e
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
b91588ecb719389c385f6c1ce5774b2df433daa1ed1eeccf51d2045c0f8879e8
b9a446f170aad0f5c56398b24e1218fc4290f1f5b04bb112ef19cce4033ba800
bad9adb7bd15a22b1d3e73ce5dd610cd4a3e0dd5d8d6d7e3fb8ed634d65e047a
bae2c6ef4e9c527076bd16e6882f80919e045f680f2416d4b1f42cf1f832884e
bd35b73fc297a5fd9f8305f0ca56e865eef0ad4f1dcbbe1e0e098afde2316e08
bd449f5279a277403691ee8cdad15d7ef7ccaafdc7b1b71e6eb503738f6aae09
bf93a99f209ecf4657215954f81f31acf2b956eee06d5dde32592ef68de59c83
c0c185de046d48f0758edea7df295e355c007355e01efef820c1fbb260aaa088
c1e628097db41a10f86eccd1e88255737acc352231c33010037d278f2888c5d8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c26088b9602714872c8ffc6e9fc78e28752439c53fbab8b9c9dc8ce71b7d9e42
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c6500b0dc7bc89510ce9566b5f9abd8a18e7c1370696f40b75ec23519194ddad
c6e09009071c1c3bcaa29d3985675f08abee6fcd381e509fa1a402c29b8591e0
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c85855bca4bc19a1a6898624424443ce3a5e6b19f47212dbf5262c43b7a82a68
c85cf7fde666488f4d0c956e7ac3ab0f2eff998805b9624c8ee203fac5009332
c8e2f196f7e1dffb6f0fa6f64632ecc30796db7c331a7e26a60914b02a4b3699
ca29310fd29ac240ad1ad67e271672ceecc9928f62b3804c8150307047ab59f3
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf654b9c105e3133c4f8083f15371ea7b2db4c2d6391fd38d2c136019275e1c3
cfc64af2353feef700b8dce92450c0b8110beee1677f480058480e508305be35
d0cda426bacc75d3d1eac5459306b2fbb875c77175ec97454bf3adf0c2c53127
d14b61aaa85c0a51608c3553c8e6e9dcf0d9689d993547be4f61d8af31dbf62b
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d59bec55d963981852784e5fe45762ad03a61369074019fd78b202b15d71b1ed
d7ae53e6a30f19e2987c1987ccddb0fd8e0a0dea60c11e37b70d1f48066d6420
d7b563acc38dd793f7904bbf6ec8188861a5581838e6cfea104ed8ca3e8fe2f4
d7e5eb7a2b36f11c1d21d1c56860aad447b0d815a8a18b3cd171ee3c1e2f407d
d97cfad68bfab0e14e7eb0d5450121b30a8afae81601eb7c8f36ac374089e07e
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daa166f0c01f6b91190b6a18f437f02ae30cd12b479bd9a433272fd9c1020eec
db6c0c0b995a058161a53df3d021e73699dbd3eb18030658bc6a00b64ea39a7b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddf4d2b59fcf47fdbcd142da9bbd9758e6a4de1e4cef11c73c2f72a49f4f13a1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec9990408ea55d834294a924da00d4c4f9b7f6e88a178c542c42cea9643aa76
df03e76d3adc59a37462270eb0b680d527fd2d1c45ebd388e12c73cdc87d7cca
dfe46a97562fb1bd3543f44139163c78c09cee333bbc9463982cd19290add22a
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e2150bd820d129a2c937e6d980824cbc88fb5ec9d43e06be325e99787db6a61f
e384214965550bd4ea18a4f8c839df84289cecd0e4c8dab2eb42c8fadd8b1641
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d16b45c5d0dfd8f405e3f1e1578fd3d0ad6bddf0f99a398b22812746253309
e478b83de26bbd91a7ef2cb06de1e03c7342656305018afa089cf8d7447ec4f6
e55edce3300899ce9cb3c7da847e265f86a5b5eaab346a1c9ae906ed48cd0535
e595c68ca5d2e0ecbdf6a9544920b09c2b24f3ac28c850bbe3d062afdce3e74c
e5c44ac737785fd6396f1f9e4718ed9c1325e5ea7c3b1c03092ddbe0526dc804
e604aa5a8622e629d113077a383e94befc9598ca36a06c979b325fa6c898bb55
e638d0a2e34839411a00a5b34800a1dbf737b68fcea0b85c683e0d46414d3556
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e7489ba36bf2a7b68acddec80e6ab44569709145ebb75a216f1e23cbccd36411
ec17dbfc42c7a5d104220bfc7fe22121611b146b72749ba5f8c0ac76f5a21f02
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef242eb99679d7583920f00cdd7cccd1ae2300f9a8889105cd585332795ad059
ef425c4ec4d7f0dcdd5aee321a894a381da5517d562264865a9adeb24f994e39
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f07339dd7ddb5fb149784bd244cbed373006c107151d2ac9c82d2d4c98f0b27c
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505
f374efb40f6472c5fcb54c98d5e0abcc0800f27ed6aaf3716fa719e27de56f25
f3a33a8e6b1326e61e58f424a83d5c9865c945d6049d07e7b3189f46da43929a
f4707c4a2c4b667770d34a13152183333a79f1dbc6c85441d905fc2bcb41a959
f5145cd0dc6362a4273db7561db9bff6ac55f019b5aa970e24e918fc2aae12e7
f67727bf0bf377b25e922a2d44781b42b0056dad3d891d0378676474801a57ff
fe0ad3d792195d812478a9b0ba4eba480871d74fd1911c17535800d42b136bbf
fe47e430df3f61b9ba874ef5b768b1af652679aee52005214cec013cafb63938
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6